Fun With Passwords? 159
eSims asks: "Most all SysAdmins have the pleasure of picking passwords and while we know the rules for picking good passwords we also know how to have a little fun with them as well. Password choices may be inside jokes about management, comments on the company, or just torture for the users we assign them to, but often they are funny. Without giving away the company secrets what are some of your funny stories about password selection?"
Generation tool (Score:3, Informative)
When they want to change we have another tool that works based on some of those rules so users can just reset their password to password.
Re:Generation tool (Score:3, Funny)
You'd be amazed how many times the word "orgy" comes up for our list of passwords.
We usually don't set new employee passwords with simlar words in it, we'll just re-generate a new one.
Re:Generation tool (Score:3, Funny)
Whats funny is one piece of software didnt like a guys name, Steve Hitty. (something like that). We use first initial last name. Username = shitty
The software would block the username. Love that pattern matching programs, "ass" was also blocked, and tons of usernames had *ass* in it. Crazy, but I understand you dont want a guy with a vulgar vanity email address.
Re:Generation tool (Score:2)
Hey Assman!
Re:Generation tool (Score:2)
Re:Generation tool (Score:2)
One place I used to admin, one of the users was Jim Root!
Not kidding... always ended up having to call the helpdesk every time the root password was changed on all the servers - some dork didn't know how to write scripts that handle usernames with "root" in 'em.
He was amazingly patient with us, kinda backwards situation.
NASA (Score:5, Funny)
He was working on deploying some APs at the office, rather configuring them after they had already been set up.
He goes to configure one of them, and finds that the default password doesn't work (that's a good thing, of course). So he yells across the room to his supervisor: 'Hey Jim, what's the password to the AP?'
Jim yells back: 'cumshot'.
For some reason I really doubt that anyone else was aware of that, or he surely would've had to change it.
Re:NASA (Score:1)
Funny Story.... (Score:3, Funny)
I Had Mod points (Score:2, Funny)
Re:Funny Story.... (Score:2)
Don't even get me started on setting up ssh so you always have to enter your password! Oh man! I'm rolling! ROFLMAOLOL!!! OLOLOLOLLL!!!
bingo (Score:2)
to add to this: you have separate, "priviledged access" admin accounts - so you NEVER logon to a box for admin work with an account that has a roaming profile to pull down, internet access or email account. this is more important in a windows farm.
Re:Funny Story.... (Score:4, Interesting)
I was at a place (up Chuck river) that was supposed to be reknowned for it's information processing savvy, Python and CORBA and other soupy-acronyms abounded everywhere. The sysadmin had the wacky idea of everyones' passwords on multiple machines being :
First Initial + last Initial + initials of Research Program + last two numerals of year.
Yes, I kid you not. Everyone had accounts on, oh about eight to ten unix machines, with all passwords immediately known by all fellow users. And before you get misty-eyed and say oh it was so long ago a trusting time, it was 1995. (which was a long time ago in internet time.)
Experiment in Password Abuse (Score:4, Interesting)
IT staff regularly reads user passwords (for fun, profit, bogus administration, lack of professionalism, total misunderstanding of why security requires the sanctity of private passwords).
Try this experiment:
1. Change your password(s) to something abusive toward the IT staff.
2. Observe the IT staff (watch for them to become irate, agitated, angry, or any other such synonyhm).
3. Change this password everywhere you've used it across the Internet
Step 3, of course, brings into question the diligence of the user.
Re:Experiment in Password Abuse (Score:2)
Re:Experiment in Password Abuse (Score:3, Informative)
Usually? Which passwords? For what application? In-house or commercial software?
There's not much that you can say is usually true about passwords. They've been implemented thousands of times, by thousands of different developers, and I've seen plenty of systems where user passwords are stored, plaintext, in a database somewhere, or in a file readable (supposedly) by administrators.
There are good ways to do passwords, and bad ways
Re:Experiment in Password Abuse (Score:2)
Uh no...
The boss of my company is named "Bill". His password for *everything* is "Bill5" and it's not encrypted anywhere.
Re:Experiment in Password Abuse (Score:1, Funny)
unless (Score:2)
Re:Experiment in Password Abuse (Score:2)
Any way, I started touch'ing files in a world-unreadable subdirectory under $HOME like "paul bender can kiss my butt" and "paul bender dates his mother". He couldn't really s
"changed" or "invalid" (Score:4, Funny)
your password is changed
your password is invalid
Re:"changed" or "invalid" (Score:3)
That was changed a while though. Now our new password is "eatass". Shh... don't tell anyone!
Re:"changed" or "invalid" (Score:2)
And back at university (10 yr ago) the sysop just took the username and added a 1 in front of it.
So account joe had password 1joe.
Should be changed when a user logged on but many users didn't. When you went to him to ask to have your pwd reset because you forgot, the answer always was 'no prob I reset it, you know what it will be'.
And usually he created new accounts on monday morning or so, so quite a lot of people were logged in then to see what accounts were just added
Vendor Passwords (Score:5, Funny)
g0f1x[t
Also one vendor pissed me off, so I used a competing vendor as a password. example, "3yC!sc0"
But then, its funny you spend that much time coming up with entertaining passwords and the hardware only supports telnet.
Re:Vendor Passwords (Score:5, Funny)
That's ok, it just means more people get to see your joke!
Not especially funny, but might be useful (Score:5, Interesting)
I once read a tip about website passwords where you shouldn't have the same password for all sites that need a logic. One of the best suggestions I read was to have a password of say 4 characters, and intersperse the website name into it.
e.g. if your password is 1234 and you're logging into download.com it might be 1d2o3w4l or if it's slashdot.com then 1s2l3a4s or if it's msn.com then 1c2r3a4p etc. It's different for all and harder to guess, and cos it's not a word, anyone watching the keyboard might not pick up on you typing it.
Re:Not especially funny, but might be useful (Score:5, Funny)
or a grammar, for that matter, or a sense-making.
Re:Not especially funny, but might be useful (Score:1)
Re:Not especially funny, but might be useful (Score:5, Insightful)
Ah, I get it. So that when the slashdot guys read your password 1s2l3a4s, they'll be able to guess that your yahoo mail password is 1y2a3h4o. Perfect! It's a system whereby you use a different password on every site, but still manage to make it available to anyone who has one of your passwords. In-genius. Really. I mean it.
Re:Not especially funny, but might be useful (Score:2)
I won't tell you the "root" portion of my passwords, but try guessing what the key is for, say, my Discover.com account. My keys are usually 2 or 3 chars, depending on site PW length rules.
Have fun!
GTRacer
- The account's no good anyway
My own worst enemy (Score:5, Funny)
Re:My own worst enemy (Score:1, Funny)
Re:My own worst enemy (Score:2, Interesting)
If you've got access to the box, you've got access to its data.
Re:My own worst enemy (Score:1)
Re:My own worst enemy (Score:1)
Re:My own worst enemy (Score:1)
Re:My own worst enemy (Score:3, Informative)
Re:My own worst enemy (Score:1)
Yes, Yes I know there are solutions to this gaping wound, but AFAIK all commercial. The sysadmins at my schools just put blinds over their eyes and hoped everyone would be too clueless to notice.
I took it upon myself to hand them the cluestick.
Re:My own worst enemy (Score:2, Insightful)
Re:My own worst enemy (Score:2)
Re:My own worst enemy (Score:2)
Re:My own worst enemy (Score:2)
Better yet, use OpenFirmware protection (which is really a must-have for schools imo).
Re:My own worst enemy (Score:2)
Thanks for the idea though
Oh, and to the system admins reading this, I... uh... DIDN'T do that.
Re:My own worst enemy (Score:1)
- if the machine's bootloader has a password, a grub boot disk will do the trick.
- that also might be blocked but there are ways around that too.
the rule of thumb is that you can allways break into a machine to which you have physical access.
Re:My own worst enemy (Score:1)
I know, I said that a couple of times right up there ^^^^
Re:My own worst enemy (Score:3, Funny)
By sitting at the computer, looking around the desk and recalling some trivial piece of information about the owner, even though you've never had it. You're guarenteed to get in by your 3rd attempt or you movie admission ticket will be refunded.
BOFH (Score:5, Funny)
- "fuckwit"
- "ican'tremembermypassword"
Great days, great days.
Re:BOFH (Score:1)
Re:BOFH (Score:2, Funny)
sometimes I get bored (Score:5, Funny)
We set him up, and tell him his password is blank.
Two minutes later, he comes back awfully upset, demands that we reset his password, cause it wasn't blank. So we do.
2 minutes later, he's really getting pissed. Comes back with the head of IT. We ask him if the caps lock is on? He gets furious, asking how the hell it could matter if the caps was on with a blank password. We respond with, "there is a big difference between a capital B and a little b". He is seething, but slowly the realization creeps in, and he figures out what the hell we meant. Our boss, sits there like a statue, till the sales guy leaves, and then just explodes in laughter so hard he couldn't stand.
ahh, the days of the dot-coms, how I will miss thee...
Re:sometimes I get bored (Score:5, Funny)
whats the password to the file server?
why
Cause i need the password to do work
why..........etc...
Re:sometimes I get bored (Score:2, Funny)
Re:sometimes I get bored (Score:2)
Even meaner: "y".
Re:sometimes I get bored (Score:3, Funny)
Someone asked for the password, and he said "figure it out for yourself
It took the person trying to get the password a *long* time to figure out how to log in.
Most funny.
Abbott & Costello (Score:5, Funny)
User: What's my password again?
Admin: "login"
User: Yeah, that's what I'm trying to do, but I can't remember my password.
Admin: "login"
(etc)
User2: What's the username for the Reservation system?
Admin: "password?"
User2: No, I remember the password is "a$$h@t" but I don't remember that funny username.
Admin: "password?"
(etc)
"enter", "nothing", yah, yah... (Score:4, Funny)
The lass was a walking blonde joke. Quite bright once she had everything assembled in her head, and very efficient at what she did, but if she ever got rattled it all went out the window.
l33t speak (Score:3, Informative)
For example: wh4t3v3r or w1r3l3ss
Not as secure as you think (Score:3, Insightful)
Re:Not as secure as you think (Score:2)
The easiest is to keep a random word generator (or a dictionary) handy. Trying to come up with random words off the top of your head is an iffy proposition. You probably only use a few thousand words regularly, yet a good word file with have a few hundred thousand entries.
For example, here's an output from a very basic generator:
innatelyagouti0
unpredacious!rah
snowwhiterawly0
betulaceae35fave0
pandani&aerocyst>
scho
GF Pass (Score:5, Funny)
A true statement, if ever there was one.
Re:GF Pass (Score:5, Funny)
*ducks*
Re:GF Pass (Score:3, Funny)
id10t (Score:1)
The problem of the slow moving admin (Score:5, Funny)
During our projects we have to set up a simulation lab and run our project for a few months prior to installing at the factory.
For one project, the lab servers were administered by a person who either did not understand the purpose behind the lab, or simply did not care about our priorities. And, his delays were causing us to run behind schedule.
After some political wrangling, I assumed administrative responsibility of the machines in our test environment.
The months passed, we restored the schedule, and were packing up to head to the job site to install the system, and it was time for me to turnover the systems back to the original admin.
But, he flaked on the meeting, so I'm standing there with root on the lab systems some of which are trusted by outside networks. And, he did not bother to show for the meeting that he called.
So, I set the passwords, and put them in a sealed, unlabeled envelope, and handed them to one of the other admins with whom I had become friends.
The only instructions I gave him were: "You'll know what to do with this when the time comes."
A few weeks later, I got the phone call from my friend talking about the other admin, "He came in here shouting and cussing about how that damn consultant had locked him out of his own systems, then took off without turning over the passwords. I new then that it was time to use the envelope."
Written on the piece of paper in the envelope was one word in block letters: 1nc0mp3t3nt
Forgotten Passwords (Score:3, Interesting)
shhhh!!!! (Score:1)
short password reset story (Score:4, Funny)
As you can imagine, much fun was had with this one.
I use the same password on all my systems (Score:5, Funny)
Re:I use the same password on all my systems (Score:2)
Re:I use the same password on all my systems (Score:2)
That reminds me of a bash.org conversation (that I can't seem to find):
foo> You know, when you type your password in IRC, it comes across as stars. Here's mine: ********
foo> Try it!
bar> pass4win
bar> what did you see
foo> I saw ********
bar> You pass4win pile of stinking pass4win
foo> You ******** pile of stinking ********
foo> Whenever you type "pass4win" I see ********
bar> but why do I see my password when you type it?
foo
Webmaster's Password (Score:1, Funny)
The Wrong Password (Score:1)
Not exactly a password story, but ... (Score:2)
It's a Windows network, and all locked down. So imagine our surprise when they fsck up the CS classes' brand-new JDK installation, pop the JDK in C:\ of the network (to save time, they said later), and give it root privs. We started file I/O that week, so we figured we'd see what the
Re:Not exactly a password story, but ... (Score:2)
Usually there were about 5 nerds at my school in year 6/7 (including me) who had root privs. Then the new tech guy came, and conveniently changed the passwords without telling anyone. Including the IT coordinator. And left for the rest of the week. I always wondered why there couldn't be an admin there more than 1.5 days a week. Two years later, at high school, I found the tech working there for the rest of the week. No root privs anymore though, and I
Re:Not exactly a password story, but ... (Score:2)
US public school, but the techs are low-bid contractors who have nothing to do with the district. Hence, no incentive to care about anything. They've done a nice job spreading FUD, though. The computer club gets shut down eve
Re:Not exactly a password story, but ... (Score:2)
I knew that spending 2 hours a week of my school week when I was 7 learning to use a mouse would make me good at computers. I would be a perfect computer user, if just I didn't have the winmodem, and I could
Password for passwords (Score:5, Funny)
Yeah, that sucked.
Re:Password for passwords (Score:2)
Books (Score:2)
Out of context and with only 3 or 4 words, it often sounds absurd.
Wow! (Score:2, Funny)
when password list is encrypted... (Score:1)
I managed to brute-force crack the encryption one afternoon, and created a spreadsheet which used a set of lookups to allow you to enter a word, and unencrypt it into a string for the user password. By doing this you cou
Fun, no, prudent, yes (Score:3, Interesting)
The year was 1999. I was working at a computer-related company, I won't call it a "startup" or a "dotcom" but it was similar. There were three sysadmins, and the owner didn't trust any one admin with the ability to login as root by himself. So a compromise was reached.
Each of the three admins chose a password. The three passwords were combined into one monster, master, root password. In order to login as root, all three admins needed to be present, to type their portion of the password in the correct order. Once all three admins typed in, a root login was achieved and whatever duty was necessary would be performed.
So, what if one of the 3 admins got hit by a bus on the way to work? There was a contingency plan. Each of the three of us entrusted our password to one of the other two. In the event of an emergency, assuming two of the three admins were present, the full password could be reconstructed. For example,
Admin A's password was apple, and he told that to Admin B
Admin B's password was blueberry, and he told that to Admin C
Admin C's password was cherry, and he told that to Admin A
So if Admin B got runover by a train, Admin A and Admin C could still login as root (because Admin C knew Admin B's password part), change the root password, and do whatever needed to be done.
The benefit was that, unless there was some sort of conspiracy, no one admin could ever login as root by himself and do anything crazy.
--
Rate Naked People [fuckmeter.com] at FuckMeter! (NSFW)
Re:Fun, no, prudent, yes (Score:2)
Or work in a different room from another admin.
Someone I know got fired for this once... (Score:3, Funny)
So the company's owner (we'll call her "Dee") calls him up, and asks him for the password. He says, "I'd rather not say." Then he asks her to put another employee on the phone, and he'll tell someone else.
So while she's arguing with him, I try to guess the password. Knowing this employee, though, I don't try his dog's name, I tried "fuckdee" and "fuckesp". The latter turned out to be correct, and I told her I was in. She told the employee not to come to work the next day.
The moral of this story MIGHT be to be smarter in password selection, but I'd LIKE to think it's to not piss off the IT staff - I always could have lied about the password.
New Company Policy (Score:2)
Passwords, are becoming trickier and trickier. We now have a new company policy that requires all servers, internal, external, etc, to have a password that is > 7 characters long, must contain alpha characters of mixed case, at least one number, and at least one punctuation mark (ie. .,!?`~, etc). It becomes quite a pain trying to remember all our servers passwords, and usernames. All I can say, is thank heavens for PassKeeper.
Oblig. (Score:2)
Re:Oblig. (Score:2)
Default Passwords ... (Score:2)
... well known to my co-workers, for a web-based application:
Some day, all my co-workers at the main office seemed to have to work on my development machine (remote office), so I changed the master password. A phone call some time later: "Please tell me the password." Told him. Machine blocked again a few days later. Wash, rinse, repeat. Finally, I changed the password to "never". Phone call: "Please tell me the password." - "Never." (*klick* speaker on) - "Oh, come on. Tell me the password." - "Never." -
At college (Score:2)
Re:At college (Score:2)
Password advice from sales team (Score:3, Funny)
This was followed up about 24 hours later with a letter from the IT department, which said pretty much "ignore sales, they are idiots, do not ever take their advice on passwords."
Fun with ART (Score:2)
This school also used to have passwordless novell shares with sensetive data on them.
VMS (Score:3, Interesting)
VMS had a password generator that made nonsense words that were (supposedly) pronounceable and thus memorable. As a result of the algorithm, it would often pick a real word (or a real word plus some extra syllables). Sometimes, the real word would be offensive.
So the folks at DEC kindly put a naughty word filter into the generator (in many languages). But then there was the risk that people perusing the source code (it was available on microfiche) could be offended if they stumbled upong the naughty word table.
So the folks at DEC obfuscated the naughty word table with something trivial like ROT13.
That inevitably led to somebody circulating a program to decode the naughty word table, and a Usenet thread that taught us how to cuss in a dozen languages.
Re:VMS (Score:2)
I've never heard of anybody getting called an uncle f***er...
OT: Uncle F***er (Score:2)
It's from the South Park movie. http://www.emptybottle.org/glass/2003/12/uncle_fu
psychic passwords (Score:4, Funny)
I read a funny password anecdote (maybe from Jon Bentley's Programming Pearls). A user rushed into his cube, quickly typed his credentials, and was told that his password was invalid. He sat down, entered his password again, and it was fine. Curious, he logged out, stood up, and tried again. No access. When he was standing up, logging in always failed. When he was seated, he always succeeded.
How could the computer possibly know whether he was standing or sitting?
It turns out that somebody had switched a couple of the (physical) keys on his keyboard as a joke. When the user was standing at the keyboard, he used "hunt-and-peck" typing. When he was seated, he was touch typing.
Re:psychic passwords (Score:2)
the best pw i've seen... (Score:2, Funny)
(it's pretty good advice, too)
Re:A word not common in most dictionaries (Score:1)
Re:Three letter password (Score:2, Informative)