Plus votes give away!
#81
Posted 2011-June-10, 08:19
#82
Posted 2011-June-10, 08:19
#83
Posted 2011-June-10, 08:19
#84
Posted 2011-June-10, 08:33
#85
Posted 2011-June-10, 15:49
Elianna, on 2011-June-06, 15:16, said:
(please note, link from (yet another site), and as I am not a ravelry member, I can't read it without logging in to confirm, but I trust the several people who pointed this out. *If* I am just scare-mongering, I am really sorry).
#86
Posted 2011-June-15, 07:43
#87
Posted 2011-June-15, 22:08
Free, on 2011-June-15, 07:43, said:
lol I think everyone does. Hmm, I am dangerously close to 100 rep.
Oh and happy birthday!
#88
Posted 2011-June-16, 13:45
mycroft, on 2011-June-10, 15:49, said:
(please note, link from (yet another site), and as I am not a ravelry member, I can't read it without logging in to confirm, but I trust the several people who pointed this out. *If* I am just scare-mongering, I am really sorry).
Of course I saw that, it was front page news there. But who is silly enough to have the same username/password combo on different sites that you can spend money?
#89
Posted 2011-June-16, 14:15
Elianna, on 2011-June-16, 13:45, said:
Many.
#90
Posted 2011-June-16, 14:23
Elianna, on 2011-June-16, 13:45, said:
Reminds me of a time I did some contracting for a company in Atlanta and needed a half dozen passwords to get at the various systems involved. Huge red-on-white signs hung in every room:
1. Use a different password for each system!
2. Change your passwords every week or lose your privileges!
3. Never use the same password twice!
4. Never write down your passwords!
They were very security conscious.
The infliction of cruelty with a good conscience is a delight to moralists — that is why they invented hell. — Bertrand Russell
#91
Posted 2011-June-16, 15:10
PassedOut, on 2011-June-16, 14:23, said:
1. Use a different password for each system!
2. Change your passwords every week or lose your privileges!
3. Never use the same password twice!
4. Never write down your passwords!
They were very security conscious.
Actually they were not.
If you change your password on half a dozen systems every week, you need to learn 6 passwords every week. After a few weeks you will start to mix them up or you will start to invent some systemic change. e.g. use the same password, with the number of the week in the end or you will violate rule 4 and write them down.
So rules 1 and 2 force you to violate rules 3 and 4.
Does changing the password help? No really.
Assume it takes 7 days to try all possible passwords, and assume that you change the password at the end of day 1.
If your password was hacked at day 1, the damage was already done.
If it was not hacked, than changing the password has a 6 to 1 chance that the new password is still in the set that hast to be tested. So changing the password will not slow down that hack in 6/7 of the cases. Obviously changing the password will help more if it happens at the end of the 7 day period. If your password is created in a way that it takes much longer than 7 days to hack you will hardly ever benefit from the change.
But ... if you change your system settings in a way that only on login try is allowed in 15 minutes, hacking an insecure 4 digit password will on average take 5000 times 15 minutes which is about 21 hours. Allowing one try every millisecond will allow the hack to be done in about 1.25 seconds.
So if these guys where really aware of security, they would have allowed you to pick a long password that you can remember and implemented a slow login retry.
This would allow you to follow rules 1,3 and 4.
As to rule 4, if you write down your password and put the paper with the password into a locked drawer of your desk.
It can usually only be accessed by someone who is allowed to enter your office. If your office is inside an access restricted area, the risk from writing down your passwords is very small.
In fact if you are able to use a password that is longer and more complicated, by writing it down the fact that it is more difficult to hack can over compensate for the small risk of writing it down.
#92
Posted 2011-June-16, 15:30
As for tv, screw it. You aren't missing anything. -- Ken Berg
Our ultimate goal on defense is to know by trick two or three everyone's hand at the table. -- Mike777
I have come to realise it is futile to expect or hope a regular club game will be run in accordance with the laws. -- Jillybean
#93
Posted 2011-June-16, 16:52
blackshoe, on 2011-June-16, 15:30, said:
The infliction of cruelty with a good conscience is a delight to moralists — that is why they invented hell. — Bertrand Russell
#94
Posted 2011-June-16, 17:22
hotShot, on 2011-June-16, 15:10, said:
They were very conscious of security, but not actually secure. Those signs evidently eased the concerns of some managers.
The infliction of cruelty with a good conscience is a delight to moralists — that is why they invented hell. — Bertrand Russell
#95
Posted 2011-June-16, 17:28
Elianna, on 2011-June-16, 13:45, said:
cherdano, on 2011-June-16, 14:15, said:
Err... nearly everyone?
#96
Posted 2011-June-16, 18:43
Fluffy, on 2011-June-02, 13:43, said:
Rejoice. Shubi lives:
http://www.bridgebas...opic/46417-tst/
cherdano, on 2011-June-05, 17:05, said:
I confidently expect the quality of posts to rise imminently.
(I have low aspirations. My goal is to reach "Excellent")
Psyche (pron. sahy-kee): The human soul, spirit or mind (derived, personification thereof, beloved of Eros, Greek myth).
Masterminding (pron. mstr-mnding) tr. v. - Any bid made by bridge player with which partner disagrees.
"Gentlemen, when the barrage lifts." 9th battalion, King's own Yorkshire light infantry,
2000 years earlier: "morituri te salutant"
"I will be with you, whatever". Blair to Bush, precursor to invasion of Iraq
#98
Posted 2011-June-23, 10:41
#99
Posted 2011-June-23, 12:34
http://www.bridgebas...917#entry555917
Action finally taken against Lurpoa. Rain thinks that Lurpoa was driven to this due to our harassment! I made a long post. My favorite part was remembering that jillybean first mass downvoted everyone in this thread (while downvoting was anonymous), then spammed this thread hoping for + votes (still anon downvoting). Then - votes were public, and I downvoted her, and she messaged me on BBO telling me to stop downvoting her! Haha. That is right up there with Lurpoa's profile posting that is in my signature, while downvoting everyone.
Haters gonna hate. At least jilly had the sense to stop downvoting everyone for no reason.