Yeah, I guess. But it does get very frustrating. The worst that I’ve yet encountered is the CRA (the Canadian equivalent of the IRS). The last time I tried to log in to my online tax account, it noted that I had not logged in in a while and demanded the answers to no less that FIVE security questions. They were all personal questions to which I knew the answers, but I didn’t remember the exact wording of the answers! And was denied access.
I later found a screenshot of the initial dialog that had all my exact answers, but it may be too late as I may now be locked out.
Money is continually stolen from individuals. It doesn’t stop. AI is making it easier and easier to steal your money. Yes it is frustrating, but times are bad on the cybersecurity front.
Maybe AI should make it easier for legitimate users to authenticate themselves. If the security question is “what is the name of the street where you lived as a child?” then the answer “5th Avenue” should not be rejected when the answer on record is “Fifth Avenue”. That’s the kind of security minutiae that pisses me off and threatens the whole system.
I thought it was weird, but it’s a new job, so i asked coworkers, and they all said they had to enter the bitlocker password when they turn on the computer. Someone in IT presumably thought it was a good thing.
I also don’t need to enter my full password, just a passcode
Security questions are and have always been the worst security measures of all and should have gone the way of the dodo decades ago. Easy to guess, and easy to forget. I’m extremely puzzled why some sites still use them.
Odd approach by that IT shop. That leads to people taping that recovery key to the laptop since no one can memorize that (well, nearly no one…certainly not me).
And yes, password, PIN, biometric, etc. Something has to be entered that only you should know or possess.
Did i mention the bitlocker code is only a dozen characters, and a few of them are related to the company name and easy to remember? It’s no worse than learning a phone number, or a password you didn’t select. I haven’t learned it yet, but I’m sure i will.
To the best of my knowledge, a BitLocker key is always a 48 digit number. I’m not sure what you’re being asked to enter, but I don’t think it’s a BitLocker key.
When I turn on the laptop, I get a blue screen that says something about bitlocker, and nothing else. And it doesn’t boot up until I enter that key. It may be some bespoke corporate version of bitlocker, but I’m pretty sure it’s bitlocker.
Ah, that is a Bitlocker password, not the recovery key. This is what is typically used for external USB drives. That isn’t as crazy as the recovery key. Still, I think lots of IT decisions would lose their jobs if this was standard practice. Maybe you are in an industry that has to adhere to high cybersecurity requirements?
Oh, very much so. I deal with lots of private information, including a certain amount of private personal information. Actually, i might not use private personal information in this particular role, but it’s common in my industry, and i did in two recent roles. (And i have access to lots of private corporate information in this role. Our clients trust us to keep it private.)
That only turns up an option to back up the key, but no option to disable Bitlocker. Other clicks turn up “easy” options to upgrade to Windows 11 Pro or Enterprise.
But after a bunch of clicking around in “Settings”, I found a screen with a slider switch that offered the opportunity to turn off local drive encryption, which I turned to “Off”. Windows proceeded to de-encrypt the drive. I trust and hope that I will never be bothered by Bitlocker again!
I’m currently playing around with my new Win11 laptop, and so far it’s not too bad. I’ve managed to beat it into submission regarding its draconian security protocols, so that I can now power it on like a normal computer without having it demand a password, PIN, fingerprint, facial image, or the precise length of my penis in any particular state of arousal.
just want my computer to fucking turn on. Is that too much to ask?
Someone in IT presumably thought it was a good thing.