Computer security: what drives you nuts?

Are we talking about IT peeves or computer peeves?

I work in IT and, as I posted previously, I don’t care for the restrictiveness that IT does. Some, of course, is useful to everyone: we don’t let users run as administrators. However, if any user needs software installed, we will install it for them – usually using RDP so we don’t have to visit the computer. It takes an extra few minutes of the user’s time, but their computers get fewer problems.

Recently there’s been a change in management, though, and the new regime is much too restrictive on computer security. We’ve been wanting for about a year to use the Windows Remote help function, but they refuse to make certain changes in the firewall to make it work because, despite tons of evidence and reports that it causes no problems, they don’t want to do it until it’s safe. They blocked PDF files, despite the fact that no security expert anywhere considers them a threat (there was a problem with them five years ago, with people spreading viruses using password-protected PDFs. But all antivirus is on to this trick now, and virus writers have moved on to other techniques).

The problem is that the security-minded people will always play up the slightest potential threat, even though there’s less than a .000000001% chance of it ever happening (and it can be easily fixed if it does).

As for computing peeves, mine is downloaders. When you go to a site to download a file, they want you to use their downloading software, installing it on your computer even when you’ll never use this again. Not to mention that every web browser ever invented has downloading capabilities. The user gets nothing of importance and it just clogs up their computer.

I do not actually have any pet peeves about computer security on my own personal computer. And in my entire life, the total # of months in which I have had to sit down and use a computer provided to me by my employer instead of providing my own comes to

::stops to count::

about 8. That’s months.

When I have provided my own (15 years and counting) they’ve been set up MY way without IT Dept interferences.

In other words: I am way, way spoiled and I know it.

So here are my greatest annoyances among the (admittedly trivial) impositions I’ve had to deal with:

• Firewalls that restrict what internet protocols I can use to access resources outside the building. I want to be able to FTP or SFTP files to and from external computers, to use Apple Remote Desktop, Microsoft Remote Desktop, VNC, Timbuktu, and other remote control sw to directly manage external computers, and to open remotely hosted FileMaker databases (fmnet://) and run FileMaker Server remote management.

• Email. If you’re going to set me up with a corporate email account, make sure it has a standard POP3 and SMTP configuration and just give me the SMTP and POP3 server and account and password. I’m going to set it up in Eudora, not some other email program you may have had in mind, and receive and send emails on my own computer of course. If you’re totally wedded to the idea of some misbegotten Exchange Server IMAP thingie that isn’t set up to work with anything but Outlook or Entourage, at least set up an auto-forwarding rule so that the Exchange Server account you’ve set up for me auto-forwards all inbound email to my regular email address. And do whatever you need to do with your firewall so I can send FROM Eudora “as that account” without you flagging it as spam or something.

Hmm, can’t think of any others, really. I can think of a zillion that would annoy me IF I had ever had to put up with them (like having restrictions on what web sites I can browse to or being forced to use Microsoft Word or something) but I haven’t had to, so it makes no sense to list them.

The worst I ever saw, a few years back there was a memo sent out to everyone in the University. The school’s IT department had discovered that some folks were using insecure passwords for our Banner accounts (the system that did basically all the record-keeping for the school, from registering for classes to recording grades to tracking hours for hourly employees), and so urged everyone to switch to a password of at least eight characters, including letters of both cases, numbers, and symbols.

Great advice, so far as it goes, except that the only things the system would even let you use were six-digit numbers.

As for managing passwords, I use a three-tier system. First, there are things that shouldn’t even need a password at all. For those, I just use my birthdate. Then, there are things where it’s reasonable to have a password, but for which there’s little incentive for anyone to try to break in, or where the consequences of someone breaking in are minor-- For instance, an account for an online game, or for a message board I only use very casually. For those, I use the same password for all of them. Finally, there are a handful of things which really do warrant real security: For instance, my account here got upgraded to this status back when I became a mod, and anything that stores my credit card information also qualifies. For those things, I do use a fully-secure password, that’s used for only that account. To produce such passwords, I start with some non-dictionary word (a proper noun, or something from an obscure language, or the like) that I can associate with the account in some way, then do letter-substitutions on it (A might become 4 or @, B might become |3 or 6, etc.) until I have some of each kind of character.

Oh yes, that’s my Pet Peeve. Username. They say “it’s your name”, but then they assign “d.deth”, “Doctor Deth”, “dr deth”, “dr.deth” or “dr.deth1”. :eek: :mad: :rolleyes:

Keep 'em coming, folks! MitzeKatze, I agree about CAPTCHAs. I’ve seen many that could not be interpreted by anyone.

I can add a pet peeve about password rules: the sites won’t tell you what the rules ARE. Because hackers might use the rules to break in. :rolleyes:

Yeah, right. Stop clutching your pearls! You’ve made rules so complex that not even the bastard child of Spock and Rain Man could follow them. By these rules the password space has at least 10^27 possibilities. Just tell me what the rules are, so I have a snowball’s chance of selecting a valid password before I throw my computer through the nearest window. Because even with more choices than Carl Sagan can enumerate, you always seem to reject the ones I choose.

Tell me the required password length, the required characters, how often it needs to be changed, the minimum change time, and which special characters are allowed. Don’t say “all of them” when I know from painful trial and error that only dash and underscore are allowed. It’s your system and your rules, you should be able to tell me what the real rules are.

Don’t treat the password rules like they are nuclear “go codes” - they Oedipally are NOT.

:rolleyes: x15, with at least two upper case letters, at least two lower case letters, at least two special characters, and not the same as the last 12 :rolleyes:

If you can flip between Dvorak and QWERTY easily you can probably remember a password.

I generally do what Chronos does. I have one or two standard passwords for low-security sites like accounts at websites where privacy isn’t an issue. I have another for sites where it is essential that I remember it because I may not always access those sites from my computer at home. And I have an algorithm for those systems that require insanely complicated passwords, like Airman’s payroll system.

I’ve also used medical dictionaries and leet-speak generators to come up with memorable passwords. I gave up on those and started using the system I have now. It’s easier that way.

Speaking of passwords, wouldn’t it be nice if your browser had the capability to make them visible when you type them? In other words, be able to tell the browser: “Hey, browser. Nobody is looking over my shoulder, nobody is even in the same room with me. Go ahead and display the password as I type it; that way, if I make a typo, I’ll see it before I submit”.

Okay, I see that passwords have been severely beaten upon, so there goes my #1 button-pusher.

My next “favorite” is the change management system. Especially the one where I now work. Some places call it version control. It’s where there is a system in place to control changes to the computer programs we write.

Necessary and straightforward, no?

But the software and procedures drive me NUTS. The change management system currently in use is arcane, hard to use, and to get software changes moved from development to general test to user test to production involves at least:

  1. The developer
  2. The change management person
  3. The DBA (database administrator)
  4. The system admin

And, if any one of these screws something up, guess what? The system fails EVERYTHING back to development and the developer has to check everything back out, then back in, then promote all of the code back again. For instance, if I had modified 3 programs and one of them had an error OR if the CM person did something wrong and the code failed to compile because they did something in the wrong sequence, all 3 programs have to be checked out, the one program corrected if there was an error, then all 3 checked back in again.

And, again, this process is painful and slow and involved.

Also, let me beat upon the password dead horse; it hasn’t been punished enough yet, IMHO. Most of ours have to be at least 10 characters, have one upper case, one lower case, one number, and one special character. They change every 90 days. And you are NOT supposed to write them down (oh, yeah, I don’t write any of them down, they are so easy to remember after all).

Did I mention passwords?

That annoyed me too. But I discovered you can turn off that warning. Look under ‘advanced settings’.

I’m so baffled/frustrated by anti-virus software that I don’t even have specific questions. How’s that for helpful? :slight_smile: I suppose my issue is that I don’t want to ever have to do anything to it or answer any questions or deal with updates or anything at all. Ever. I’d like to never have to think about anti-virus software at all.

My local water works was so concerned about security that they added complexity requirements not just for passwords, but for usernames.

Seriously.

Net result: I never remember the damn name because it’s different than the one I already established for anything else – and I have several running usernames. But seriously, for the water bill? What are they going to do, pay my water bill for me? See how much water I used? Oh noes! Not even my checking account required me to use a different username.

Oh yeah. I have a couple “[bank]sucks1” passwords. I have to keep them on my phone as contacts because I can’t remember how to log in to bank and school loan sites that I access 12 or fewer times a year.

What really chaps me is “That password is too short.” If you have a requirement, would it ever occur to you to put that on the first page, instead of making people be wrong because they didn’t know? Duh.

Opt Out

There’s an [del]app[/del]addon for that.