Friday, November 11, 2016

It Is Casual Friday After All

It’s Password Day!  My email password is no longer “S0x&S@nd@l$”


That's right, folks.  Password Day!  Those special days of the year where Jeremy has to change his passwords to around a dozen different systems he uses at work, and hopes that the same new password will fit all of the rules.  Let's see how he fared this time around.


I did the same as last time!  Only one of the systems rejected my new password for violating some rule that I don't even understand.  It has enough of the usual specialty items that passwords like to have such as capital letters, numbers, special characters, and/or whatnot.  It's long enough to satisfy the requirements for every other system.  It's not the same as my last 10 passwords.  It's not a common series of letters or words like "password" or "12345" or any of that nonsense.  Every system likes it, except one.

That system is a jerk. 

On top of rejecting my preferred password, it's a jerk about assigning a password.  Since I can't be bothered to remember two new passwords (or for that matter, finding one that is allowed by this jerk of a system and doesn't violate whatever phantom rule I'm breaking with the other one), I simply asked it to generate a password for me.  On the last password day, this turned out to be a remarkably big mistake.  Since it's no longer the password and is no longer good for anything, I can share it with you here.  The password it gave me was "KRSDFtq9ysijwZtch8rofSjNZITJHp".  I'm not making that up. 

In order to actually use that, I employed one of the exact scenarios that one is supposed to avoid when using passwords...I saved it in a txt file on my hard drive.  So, if anybody wanted to access that system using my account, all they would have to do is be able to log into my computer using the power-on password and windows password, then locate the piece of software which serves as the interface for that system, locate the txt file buried on my hard drive somewhere, figure out that this jumble of nonsense was in fact the password to that system, and log right in. 

I still feel okay about the security there...especially since it's a database where I only have read access and can't even change any of the data stored inside.  Good thing I have a new secure password. 


With the exception of today's anecdote, it should be noted that neither this nor any of the passwords featured in our "Password Day" posts are or have ever been used as Jeremy's email password.  Seriously...there's nothing interesting in Jeremy's work email anyway...just a bunch of worky stuff.  You're better off hacking his Facebook account. 

No comments: