I'm still fumbling with the logic where it is prefered that we use a master account to perform certain tasks "because that way only that account has permission to make those changes, so we'll control who does what." And then 10 of us all have the id and password.

I'm still fumbling with the logic where it is prefered that we use a master account to perform certain tasks "because that way only that account has permission to make those changes, so we'll control who does what." And then 10 of us all have the id and password.

We have a similar logic here with keys to important areas. Somehow it is more secure for one person to keep a key in her desk for us to use to access "secure" areas than to give each person who needs to access the area a key. And then people take the key from the person's desk, lose it, and she is the one in trouble for giving out her key.

And then 10 of us all have the id and password.

oh man, I have to deal with one database where users can have either read access for everything or write access for everything. not module specific.

which is a lot like everyone using the same master account.

I hate that database and all of its totally unstable information.

It's a similar case, Sox. It's great that there is only one account with global privs. Safer, right? Except so many people use the account, you can't tell who really did something!

We have to change passwords fairly frequently here and there is another system I have to sign in on, that the password changes at a different rate. I know a lot of people here have a baseword and then a string of numbers. I rotate through fandom passwords mostly.

you can't tell who really did something!

a-yup. which helps some people out tremendously.

t has spik-el-oost flashbacks

has spik-el-oost flashbacks

I wore that t-shirt the other day! It made me giggle.

I won't even get into how insecure that type of user name system is. All some needs to do is get a company directory and they have everyone's username.

Is it really practical to exercise security measures when it comes to usernames? I've never worked on a system where they weren't predictable. After all, you often have to look at a user ID and work out whose it is.

My magic secure password trick is to pick a word I'll remember and stick punctuation in the middle of it "carabiner" becomes "cara%biner" and if they need numbers it can be "cara1%biner" and we're good to go. If I have to change them regularly, just increment the number.

I know a lot of people here have a baseword and then a string of numbers.

yeah, I did that for a while. I would put a number before or after, which fooled the computer into thinking that it was a new password. You couldn't just use buffy1, then buffy2; it didn't like that. You'd have to use buffy1, then 2buffy, then buffy3. then it got better at recognizing that issue. now, I just get random. I also sometimes just use the same password in different languages. Yay babel fish.