Results 1 to 14 of 14

Thread: Helpdesks - Unlocking Accounts

  1. #1
    XTR
    XTR is offline
    Va-va-vooom
    Join Date
    Jul 2003
    Location
    Tyne & Wear
    Posts
    3,766
    Thanks
    1
    Thanked
    0 times in 0 posts

    Helpdesks - Unlocking Accounts

    Ever logged into a PC at work.. entered your password 3 times and locked yourself out of your account.... Then you need to phone up your IT helpdesk and get your account unlocked.

    So you give them your username and they unlock your account, but your still unable to login.. so you ask them to reset the password and then the 1st time you login you have to change your password.


    So then......... your logged in...

    but how secure is that... NOT VERY!!!!!

    How do other IT departments work and deal with this?



    *Disclaimer* - The contents of this message are not necessarily my own opinions,thoughts or views... they may belong to the voices in my head!

  2. #2
    HEXUS webmaster Steve's Avatar
    Join Date
    Nov 2003
    Posts
    14,283
    Thanks
    293
    Thanked
    841 times in 476 posts
    At my College you have to submit a slip at the guidance desk about it - then at *some point* in the next 24hrs it'll get sorted, lol.

    Still, security is a big problem and things like what you have stated are the reason it's so easy to gain access to systems.
    PHP Code:
    $s = new signature();
    $s->sarcasm()->intellect()->font('Courier New')->display(); 

  3. #3
    XTR
    XTR is offline
    Va-va-vooom
    Join Date
    Jul 2003
    Location
    Tyne & Wear
    Posts
    3,766
    Thanks
    1
    Thanked
    0 times in 0 posts
    Quote Originally Posted by kez
    At my College you have to submit a slip at the guidance desk about it - then at *some point* in the next 24hrs it'll get sorted, lol.

    Still, security is a big problem and things like what you have stated are the reason it's so easy to gain access to systems.

    Cant exactly do that with 7000 users across 4 sites.



    *Disclaimer* - The contents of this message are not necessarily my own opinions,thoughts or views... they may belong to the voices in my head!

  4. #4
    daft ideas inc. scottyman's Avatar
    Join Date
    Jul 2003
    Location
    Charming and Exotic Bracknell
    Posts
    1,576
    Thanks
    2
    Thanked
    3 times in 3 posts
    I always used to get them to come along and sit outside the office until we were ready to help them.
    I never had repeated offences.... except for one guy who we ended up sacking as he was such a muppet - he forgot his password every week, and tried to get around password policies - we were pretty relaxed, 90 days, 8 chars of which two must be capitals, 4 lower case, 1 numeric and one special character.
    He just couldn't get his head around it!
    I basically made him wait half a day to get his password reset the last time around - he complained to the MD, who effectively told him that if he can't remember a simple password he shouldn't be working there in the first place!
    A couple of months after I started working there (3 1/2 years ago) - implemented a "48-hour lockout" - didn't implement it properly - just said that it was a new security feature, and that if people entered their passwords wrong three times in a row, they'd be locked out for 48-hours - total lie (but you can do it) and just ignored them after that.

    Cruel and unusual punishment, but an effectively way of getting people to learn regulations!

  5. #5
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts
    at the last large helpdesk I worked at - we had a user verification system , whhen their account was created , we'd ask for somethign like a favourit colour or birth town , if there was any security related issues , they'd have to answer the questions 1st.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Posts
    705
    Thanks
    0
    Thanked
    0 times in 0 posts
    Quote Originally Posted by XTR
    Cant exactly do that with 7000 users across 4 sites.
    Ours does that but then they have local IT on-site as well as "national" IT (for want of a better word) that is basically a call logging desk.

    YOu have to submit a form so its documented,.....


    Fun Not Frags - www.gsvgaming.net

  7. #7
    Time for Walkies... Atomic's Avatar
    Join Date
    Apr 2004
    Location
    Norfolk, UK
    Posts
    1,959
    Thanks
    0
    Thanked
    0 times in 0 posts
    I like working at a University, someone forgets the password they have to take their campus card to the helpdesk in person to get it sorted.

    Even if they are offsite, its their problem that they caused so they will get the inconvenience.

  8. #8
    Oh no!I've re-dorkalated! Jiff Lemon's Avatar
    Join Date
    Jul 2003
    Location
    Sunny MK
    Posts
    2,504
    Thanks
    80
    Thanked
    44 times in 41 posts
    When I helped look after 35,000 users, the system was based on your payroll number. Confirm your payroll number and we'll reset it for you. (amazing that staff could remember in an instant, a 14 digit letters and numbers sequence, but struggled with a 7 character or more plain text password!)

  9. #9
    daft ideas inc. scottyman's Avatar
    Join Date
    Jul 2003
    Location
    Charming and Exotic Bracknell
    Posts
    1,576
    Thanks
    2
    Thanked
    3 times in 3 posts
    LOL -
    Just reminded me of working for Mirror Group -=
    We (Engineering) took responsibility for a couple of servers which Mirror ran for us -
    Every time I wanted access - they asked for the day's password to the server room...
    Which of course, there wasn't one. They just didn't want to let me in!

    They really didn't like me very much for some reason - especially when I got one of their techs sacked! We had a mail server with a 4gb primary drive and 36gb Raid for the mail files -
    I discovered that the 350 users were being capped at 8 mb of mail each - so a little under 3 gb - once a few of us went over that limit, the mail server crashed.
    Went down to investigate (they really didn't want us in there!) and found that the mail files had been moved onto the C: drive, and the D: drive (raid) was filled with porn!
    Complete joke! This was about 2 weeks after I finally got responsibility for our servers...
    Same company, same staff - just different SLA's.

  10. #10
    www.5lab.co.uk
    Join Date
    Sep 2003
    Posts
    6,406
    Thanks
    1
    Thanked
    0 times in 0 posts
    at ours we have to authenticate ourselves with personal info
    hughlunnon@yahoo.com | I have sigs turned off..

  11. #11
    MD
    MD is offline
    Ex-HEXUS.net Staff MD's Avatar
    Join Date
    Jan 2004
    Posts
    6,366
    Thanks
    18
    Thanked
    137 times in 60 posts
    • MD's system
      • Motherboard:
      • Asus P8Z77-M PRO
      • CPU:
      • i5 - i3570k
      • Memory:
      • 32GB Corsair Vengeance
      • Storage:
      • 2 x 256GB SSD's (Samsung and Crucial)
      • Graphics card(s):
      • NVidia 640
      • PSU:
      • Corsair 600W
      • Case:
      • Silverstone TJ08e MATX
      • Operating System:
      • Win 8
      • Monitor(s):
      • 24" Dell Flat Panel
      • Internet:
      • 60mb Virgin Media
    easy, authenticate with user ID and email address, password is sent automatically to that mail account. the IT staff have no access to the passwords. Only to user ID's which we not give out unless 20 security questions are answered.

    m@
    Please do not message me about Scan Free shipping, I no longer work for HEXUS.net

  12. #12
    Goat Boy
    Join Date
    Jul 2003
    Location
    Alexandra Park, London
    Posts
    2,428
    Thanks
    0
    Thanked
    0 times in 0 posts
    I wrote a security audit for a company a few months back. First thing I did was mailed the system admin asking for the root password (so I could see what security stuff they had on their public facing web servers). He replied a few minutes later with the root password in plaiin text. LOL!

    Error #1...
    "All our beliefs are being challenged now, and rightfully so, they're stupid." - Bill Hicks

  13. #13
    MD
    MD is offline
    Ex-HEXUS.net Staff MD's Avatar
    Join Date
    Jan 2004
    Posts
    6,366
    Thanks
    18
    Thanked
    137 times in 60 posts
    • MD's system
      • Motherboard:
      • Asus P8Z77-M PRO
      • CPU:
      • i5 - i3570k
      • Memory:
      • 32GB Corsair Vengeance
      • Storage:
      • 2 x 256GB SSD's (Samsung and Crucial)
      • Graphics card(s):
      • NVidia 640
      • PSU:
      • Corsair 600W
      • Case:
      • Silverstone TJ08e MATX
      • Operating System:
      • Win 8
      • Monitor(s):
      • 24" Dell Flat Panel
      • Internet:
      • 60mb Virgin Media
    ROFL!!!! Now thats funny.
    Please do not message me about Scan Free shipping, I no longer work for HEXUS.net

  14. #14
    Ex-PC enthusiast
    Join Date
    Sep 2003
    Location
    Dublin, Ireland
    Posts
    1,089
    Thanks
    0
    Thanked
    0 times in 0 posts
    Quote Originally Posted by DaBeeeenster
    I wrote a security audit for a company a few months back. First thing I did was mailed the system admin asking for the root password (so I could see what security stuff they had on their public facing web servers). He replied a few minutes later with the root password in plaiin text. LOL!

    Error #1...
    He wasn't by any chance the guy who thought they needed an audit was he?

    That was 1337 h4X0r stuff
    The Cow by Ogden Nash
    The cow is of the bovine ilk;
    One end is moo, the other, milk.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Applebred Duron 1400 unlocking
    By ERU in forum PC Hardware and Components
    Replies: 3
    Last Post: 15-12-2003, 05:55 PM
  2. emails to hotmail accounts bouncing??
    By Mr Meltdown in forum Networking and Broadband
    Replies: 8
    Last Post: 17-11-2003, 03:35 AM
  3. XP Unlocking Kit
    By neiljenkins in forum PC Hardware and Components
    Replies: 2
    Last Post: 13-11-2003, 06:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •