Alt text: Michael Scott Handshake meme. Managers text: “My company Congratulating me on avoiding a phishing test email”. Michael Scott text: “Me, terminally behind on answering email.”

You are viewing a single thread.
View all comments
38 points

“Let’s also make our users follow really complex password requirements but have our password creation/change page be different from the actual login screen so they have a really hard time using a password manager”-dumbass IT department

permalink
report
reply
17 points

Change your password every 30 days, and never reuse one, and don’t use a password manager, and don’t write it down anywhere, and…

permalink
report
parent
reply
20 points

The “Forgot password?” link is my new login process.

permalink
report
parent
reply
13 points

15 character minimum passwords that expire every 90 days and require MFA to remote in from home with 3 separate login sessions just to get to your PC, along with stripped down rights for everyone, even IS. The rights are so strict that if you wanted to, for instance, update a trusted application like Notepad++ because a recent exploit was found which would be a security concern, you can’t use the auto-update feature of the application; you have to download it manually from their repository, and run it using a special admin account created for you that doesn’t have an associated email address but also has a 90 day password requirement. But you wouldn’t been able to use their repository 6 months ago because we block any IP address outside the US and their previous service was located in UK, so if you wanted to keep that piece of software up-to-date with security and vulnerability patches (which they’ve harped on a number of times before) you’d have to find alternative download services located in the US regardless of how shady.

I wish I was joking.

permalink
report
parent
reply
6 points

My current employer actually just changed our password policy to greatly extend the password expiration date. We have cranked up the password requirements a tad, every login has 2FA and permissions are locked down to the size of a gnats asshole. Users seem to like it better since they don’t have to come up with a new password as often and we are telling ourselves it’s harder to brute force.

permalink
report
parent
reply

memes

!memes@lemmy.world

Create post

Community rules

1. Be civil

No trolling, bigotry or other insulting / annoying behaviour

2. No politics

This is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent reposts

Check for reposts when posting a meme, you can only repost after 1 month

4. No bots

No bots without the express approval of the mods or the admins

5. No Spam/Ads

No advertisements or spam. This is an instance rule and the only way to live.

Sister communities

Community stats

  • 12K

    Monthly active users

  • 3.5K

    Posts

  • 110K

    Comments