Slashdot Mirror
Fun With Passwords?
eSims asks: "Most all SysAdmins have the pleasure of picking passwords and while we know the rules for picking good passwords we also know how to have a little fun with them as well. Password choices may be inside jokes about management, comments on the company, or just torture for the users we assign them to, but often they are funny. Without giving away the company secrets what are some of your funny stories about password selection?"
Oh, I missed the funny part...
:)
You'd be amazed how many times the word "orgy" comes up for our list of passwords.
We usually don't set new employee passwords with simlar words in it, we'll just re-generate a new one.
Check out Mon and Mon.cgi
I have a friend who works at NASA (not like 'Houston, we have a problem!', but a local office in MD).
He was working on deploying some APs at the office, rather configuring them after they had already been set up.
He goes to configure one of them, and finds that the default password doesn't work (that's a good thing, of course). So he yells across the room to his supervisor: 'Hey Jim, what's the password to the AP?'
Jim yells back: 'cumshot'.
For some reason I really doubt that anyone else was aware of that, or he surely would've had to change it.
- single sign on everywhere, so no-one (including the sys admin) ever has multiple passwords.
- initial passwords are generated randomly, instead of at the whim of an already over-worked sys admin.
- no-one but the user ever knows what the user's initial password is.
Ha ha ha. Isn't that funny?As in:
your password is changed
your password is invalid
One of the duties of being a Sys-admin is giving out passwords/access for vendors. You need to poke fun at them for all the outages.
g0f1x[t
Also one vendor pissed me off, so I used a competing vendor as a password. example, "3yC!sc0"
But then, its funny you spend that much time coming up with entertaining passwords and the hardware only supports telnet.
I use alpha-numeric passwords religiously, and usually throw a couple non alpha numerics in the mix. On more than one occasion, I've forgotten them. Nothing will humble a guy like having to break into his own box, and succeeding.
Whats funny is one piece of software didnt like a guys name, Steve Hitty. (something like that). We use first initial last name. Username = shitty
The software would block the username. Love that pattern matching programs, "ass" was also blocked, and tons of usernames had *ass* in it. Crazy, but I understand you dont want a guy with a vulgar vanity email address.
I can personally attest that Simon Travaglia on separate occasions changed my password to:
- "fuckwit"
- "ican'tremembermypassword"
Great days, great days.
We set him up, and tell him his password is blank.
Two minutes later, he comes back awfully upset, demands that we reset his password, cause it wasn't blank. So we do.
2 minutes later, he's really getting pissed. Comes back with the head of IT. We ask him if the caps lock is on? He gets furious, asking how the hell it could matter if the caps was on with a blank password. We respond with, "there is a big difference between a capital B and a little b". He is seething, but slowly the realization creeps in, and he figures out what the hell we meant. Our boss, sits there like a statue, till the sales guy leaves, and then just explodes in laughter so hard he couldn't stand.
ahh, the days of the dot-coms, how I will miss thee...
What are we going to do tonight Brain?
And i was about to mod your comment... but I wanted a "-1 Tragic" to go along with "+1 Funny"
[Fuck Beta]
o0t!
you shouldn't have the same password for all sites that need a logic.
or a grammar, for that matter, or a sense-making.
I once knew a sysadmin who liked doing the ol' Abbott & Costello with passwords:
User: What's my password again?
Admin: "login"
User: Yeah, that's what I'm trying to do, but I can't remember my password.
Admin: "login"
(etc)
User2: What's the username for the Reservation system?
Admin: "password?"
User2: No, I remember the password is "a$$h@t" but I don't remember that funny username.
Admin: "password?"
(etc)
Eloi, Eloi, lema sabachtani?
www.fogbound.net
At one point, my gf (a very petite woman) was using the password: #4#I!Better
A true statement, if ever there was one.
...but I once had a customer forget "unforgettable".
The lass was a walking blonde joke. Quite bright once she had everything assembled in her head, and very efficient at what she did, but if she ever got rattled it all went out the window.
Got time? Spend some of it coding or testing
I work as a consultant within a Fortune 100 manufacturer.
During our projects we have to set up a simulation lab and run our project for a few months prior to installing at the factory.
For one project, the lab servers were administered by a person who either did not understand the purpose behind the lab, or simply did not care about our priorities. And, his delays were causing us to run behind schedule.
After some political wrangling, I assumed administrative responsibility of the machines in our test environment.
The months passed, we restored the schedule, and were packing up to head to the job site to install the system, and it was time for me to turnover the systems back to the original admin.
But, he flaked on the meeting, so I'm standing there with root on the lab systems some of which are trusted by outside networks. And, he did not bother to show for the meeting that he called.
So, I set the passwords, and put them in a sealed, unlabeled envelope, and handed them to one of the other admins with whom I had become friends.
The only instructions I gave him were: "You'll know what to do with this when the time comes."
A few weeks later, I got the phone call from my friend talking about the other admin, "He came in here shouting and cussing about how that damn consultant had locked him out of his own systems, then took off without turning over the passwords. I new then that it was time to use the envelope."
Written on the piece of paper in the envelope was one word in block letters: 1nc0mp3t3nt
[
Computer teacher [yelling across crowded a computer lab]: "OK, [name], your new password is 'temp.' That's T-E-M-P 'temp.'"
As you can imagine, much fun was had with this one.
The password I use on all the systems I access is ********
Glonoinha the MebiByte Slayer
No bs, our webmaster's password is 'webmaster'. Of course so is her username and email addy.
Actually, as a sysadmin myself who uses Active Directory on a Win2000 system we are unable to see the users password at all. So changing the password to something nasty towards the IT staff would have no effect.
I couldn't think of a sig.
My important passwords I commit to memory, but ones that aren't so important I toss in a little program I found a few months ago called Whisper. Whisper stores usernames/passwords, will generate random passwords, and allows you to copy a password to clipboard quite easily. Anyway, the program lets you password protect your password file, so I did that. A few days go by and I open my password file and type in my password. "Wrong password. Failed to open document."
Yeah, that sucked.
Nice I just added everyones passwords from their stories into my personal dictionary. Who knows it might save me tons of time when trying to crack a system and the dictionary attack actually works!
Creative Demolition
I was consulting at a company called "ESP", and we needed to look at some data in an Excel file. For whatever reason, the employee who created the file decided to password-protect it, and he had gone home for the day. Important fact: This employee had previously treated me very poorly.
So the company's owner (we'll call her "Dee") calls him up, and asks him for the password. He says, "I'd rather not say." Then he asks her to put another employee on the phone, and he'll tell someone else.
So while she's arguing with him, I try to guess the password. Knowing this employee, though, I don't try his dog's name, I tried "fuckdee" and "fuckesp". The latter turned out to be correct, and I told her I was in. She told the employee not to come to work the next day.
The moral of this story MIGHT be to be smarter in password selection, but I'd LIKE to think it's to not piss off the IT staff - I always could have lied about the password.
At a large company where I worked, the sales team (or maybe some department of coporate motivation, don't remember exactly) emailed out - companywide! - the advice to "use a word for your password that will motivate you. For example, make your password 'sales' so that every time you log in, you are motivating yourself to sell!"
This was followed up about 24 hours later with a letter from the IT department, which said pretty much "ignore sales, they are idiots, do not ever take their advice on passwords."
I read a funny password anecdote (maybe from Jon Bentley's Programming Pearls). A user rushed into his cube, quickly typed his credentials, and was told that his password was invalid. He sat down, entered his password again, and it was fine. Curious, he logged out, stood up, and tried again. No access. When he was standing up, logging in always failed. When he was seated, he always succeeded.
How could the computer possibly know whether he was standing or sitting?
It turns out that somebody had switched a couple of the (physical) keys on his keyboard as a joke. When the user was standing at the keyboard, he used "hunt-and-peck" typing. When he was seated, he was touch typing.
(it's pretty good advice, too)