Slashdot Mirror


The Unspoken Taboo - The Never Expiring Password

anon writes "Every security savvy professional lives with the daily fear of the "never expiring password" being exposed. It's the unspoken taboo, the wide open back door in every corporate network. But no-one ever acknowledges it or discusses it. All applications have got pre-defined passwords that never change. Which means developers, privileged users and hosting third party service providers will all have access to these passwords."

20 of 537 comments (clear)

  1. I hate to do it.... by Strokke · · Score: 5, Funny

    but I feel the need to expose the world's most sophisticated software. The password....is "password"

    1. Re:I hate to do it.... by ppz003 · · Score: 5, Funny

      Really... My secret password is 1 2 3 4 5.

    2. Re:I hate to do it.... by techfury90 · · Score: 5, Funny

      That's the same combination as my luggage!

      --
      I'm friends with the youngest daughter of the former head of the PowerPC division of IBM you insensitive clod!
    3. Re:I hate to do it.... by passion · · Score: 3, Funny

      quick - what's the combination to the air shield?!

      --
      - passion
    4. Re:I hate to do it.... by double-oh+three · · Score: 5, Funny

      No no no, you don't jump straight to the combination on the luggage line. First comes the "that sounds like the kind of combination an idiot would have on his luggage" and then comes your line.

      Another +5 funny could have been milked from that joke, but noooo, you had to ruin it and skip a line.

      This ain't Soviet Russia ya know.

      --
      "For years, I struggled with reality... but I'm happy to say I finally won out over it." -- Elwood P. Dowd
    5. Re:I hate to do it.... by doubtless · · Score: 4, Funny

      One of the funniest quote I read from bash.or goes something like this

      tech support: what's your password?
      user: ******
      tech support: .....
      user: really, it's ******. now you don't even know if i'm really stupid or really smart.

      --
      geek page at KY speaks
    6. Re:I hate to do it.... by j-turkey · · Score: 5, Funny
      My favorite bash.org password quote:

      [Cthon98] hey, if you type in your pw, it will show as stars
      [Cthon98] ********* see!
      [AzureDiamond] hunter2
      [AzureDiamond] doesnt look like stars to me
      [Cthon98] *******
      [Cthon98] thats what I see
      [AzureDiamond] oh, really?
      [Cthon98] Absolutely
      [AzureDiamond] you can go hunter2 my hunter2-ing hunter2
      [AzureDiamond] haha, does that look funny to you?
      [Cthon98] lol, yes. See, when YOU type hunter2, it shows to us as *******
      [AzureDiamond] thats neat, I didnt know IRC did that
      [Cthon98] yep, no matter how many times you type hunter2, it will show to us as *******
      [AzureDiamond] awesome!
      [AzureDiamond] wait, how do you know my pw?
      [Cthon98] er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
      [AzureDiamond] oh, ok.
      --

      -Turkey

  2. Oh no! by Anonymous Coward · · Score: 5, Funny

    The locksmith just changed my locks! Did he keep a copy? Is he trustworthy? I don't know... Shit! All applications have passwords? Could someone tell me how to hack notepad? I forgot I needed a password. Someone must have left it unlocked on my rig. Probably a hacker.

  3. !seineew by Leebert · · Score: 5, Funny

    !seineew era sreenigne epacsteN

  4. Write your changing password on a Post-It by Anonymous Coward · · Score: 5, Funny

    After IT enforced monthly changing passwords requiring so many letters with numbers in between, now I write it on a post-it note and stick it on the monitor.

  5. Re:Hardcoded userids and passwords? by s1ashd0twh0r3 · · Score: 4, Funny
    What decade was this article written in? Who the hell 'hard codes' a user id and password into web based applications?

    It was written in 1972, back when all web-based applications were written in machine code. Don't you know anything about computer history?

  6. Re:All applications have what? by Dausha · · Score: 5, Funny

    "Huh? What applications have these?"

    Solitare, Minesweeper, Frogger.

    --
    What those who want activist courts fear is rule by the people.
  7. Re:guilty by Anne_Nonymous · · Score: 4, Funny

    >> adult hosting site. One day, just for the hell of it, I pulled out the top ten passwords.

    Drum roll please, Anton...

    10. Wank
    9. Jerk
    8. Milk
    7. Yank
    6. Spank
    5. Rub
    4. Beat
    3. Whack
    2. Jack
     
    ...and the number one porno password...

    1. Off

  8. The Password by Ruff_ilb · · Score: 5, Funny

    "
        Many years ago I was acting as the system administrator for a test system in a large publicly held company. Periodically I would receive a call from someone who had not accessed the system recently, forgot their password and locked themselves out trying to logon. I would look up their password and unlock the system for them and they would go on their merry way.

            One day I received a call from a young lady who was in just such a predicament. I looked up her password and informed her that it was 'DOME' and, just to be playful, told her the price for me being gracious enough to unlock her sign-on was an explanation of the meaning of her password. She became very embarrassed over the phone and pleaded that she could never reveal her secret. I of course replied that I would not give her system access until she did. After negotiating for several minutes she finally acquiesced but made me promise to never reveal her password meaning to any of her colleagues to which I gladly agreed.

            "Well, what does it mean?", I asked.

            She hesitated and then replied, "It's two words."

            There was pregnant pause. I unlocked her system and simply said, "Have a nice day".

    "

    --
    http://www.TheGamerNation.com/Forums
  9. Re:guilty by The+Amazing+Fish+Boy · · Score: 5, Funny
    how many of us computer-savvy are guilty of doing this for our login accounts, web banking, Email, etc? I know i am.

    Sadly, I am guilty of this as well.

    He wasn't kidding, folks!
  10. Re:COLO's the worst from experience scarly by Jaxoreth · · Score: 5, Funny
    As a rule as a admin you should constantly try cracking your own systems passwords, each one you get that user owes you beer. Least they can do for potentialy saving there job and your company.
    And don't invest in any firm whose sysadmin is constantly drunk...
    --
    In general, it is safe and legal to kill your children. -- POSIX Programmer's Guide
  11. Re:Revent case of that in Japan by Anonymous Coward · · Score: 5, Funny

    Couldn't they just intall locks?

    No, of course not. That would ruin the story.

  12. Fluffy by quokkapox · · Score: 4, Funny
    The best security strategy is to simply use your cat's name as your password.

    As long as you rename your cat frequently.

    I just wish z8gderfgh wouldn't claw the furniture all the time.

    --
    it's a blue bright blue Saturday hey hey
  13. Re:Hardcoded userids and passwords? by Khashishi · · Score: 3, Funny

    Simple.
    Don't store the password in a text file. Put the database login and password in a database. Then put the login and password for that database in another database. And so on.

  14. Re:guilty by thebiggs · · Score: 5, Funny

    My password is a 256 character random string intialized by digitizing the braying of six donkeys on a semi-daily rotating basis. Once the braying is digitized, and the seven-factor hash table is used to generate the string, it is transfered via secured lasercable to the memory unit of a Sony Aibo. The Aibo has been specially modified with a woodburning unit, and the password is then burned onto a piece of burnished cherry wood, which I am then allowed to view for exactly twelve seconds before it is ground into a very fine sawdust.

    All of this takes place behind a triple-secure double-blind firewall, inside a bunker which is encased in twenty-three feet of reinforced concrete and surrounded by a moat with biometrically activated piranhas.