[OT] msbsos password recovery

Nifty Fedora Mitch niftyfedora at niftyegg.com
Tue Oct 21 00:38:48 UTC 2008


On Mon, Oct 20, 2008 at 04:25:24PM -0700, Aldo Foot wrote:
> On Mon, Oct 20, 2008 at 4:12 PM, Nifty Fedora Mitch
> <niftyfedora at niftyegg.com> wrote:
> >
> > Implied in all of this is a lesson to us in large and small companies
> > that access and pass words and keys need to be well managed.   If you have
> > not placed a sealed envelope with pass words and keys in your managers locked
> > resource perhaps you should.
> >
> > Such things need to be covered by policy and process.
> 
> Some companies shoot themselves on the foot when they require
> that user password be changed very frequently; every 60 or 90 days.

Yep...  I cannot tell you how often I have had a laptop act like a
brick because the policy for refreshing pass words with the master
WindoZ controller was shorter than travel schedule accommodates.  Then upon
returning from vacation to find that the requirement to change a
pass word policy had timed me out and manual intervention was required....

Such re-validations are expensive and costly especially so if the last
customer on a trip cannot see the presentation because connectivity to
the mother ship was 'overdue'.  At least with USB keys big enough to
hold the presentation and the growing number of hot spots this is less
painful than it was but still a pain.

Then there are the *%$^@$^   acro*, word and eXcel based "forms"
that are locked by some person gone, unresponsive, transferred or on vacation.

I was on a conference call with the manager of just such an unaware group and
one of us commented that this was so Kafkaesque.  The director over this manager asked
what Kafkaesque meant and no one in the home office knew.  We translated it
to "Catch 22" and still there was no light in the guano cave.


-- 
	T o m  M i t c h e l l 
	Found me a new hat, now what?




More information about the users mailing list