SC_SVRider Posted April 21, 2008 Share Posted April 21, 2008 This was a phone conversation I had today with a user. User: I have a problem with my printer. I have been trying to print this MapQuest Map and it keeps printing blank pages. Me: Hmmm. Well, are you able to print anything else? Can you print and email? User: Let me try. No. It’s printing blank pages for that too. Me: Well, when was the last time you were able to print? User: This morning. Me: Have you done anything differently since then? User: Well I changed the Printer Cartridge earlier today. Me: Ok. When you changed the printer cartridge, did you remember to take that protective strip that holds the toner in the cartridge? User: Oh CRAP! Me: I take it that’s a no? *smile* User: Let me check. Me: Ok I’ll wait. User: Yep. It was still there. I took it out. Me: Well try it now. User: Its printing fine now. Me: Imagine that! User: You are a genius. Me: I try. Link to comment
Marty Hill Posted April 21, 2008 Share Posted April 21, 2008 Hey Rainey, I'm never gonna call you for tech support. Link to comment
SC_SVRider Posted April 21, 2008 Author Share Posted April 21, 2008 Hey Rainey, I'm never gonna call you for tech support. Sound to familiar Marty? LOL See you Saturday! Link to comment
Huzband Posted April 21, 2008 Share Posted April 21, 2008 I'm just surprised that you gave GelStra you're phone number. Link to comment
Joe Frickin' Friday Posted April 21, 2008 Share Posted April 21, 2008 This was a phone conversation I had today with a user. You do tech support? When did you move to India? Link to comment
BULLman Posted April 21, 2008 Share Posted April 21, 2008 At least it was plugged in What I hate is when I tried everything I could think of, and the IT guy turns it off and than back on and it works fine Of course, when you've done this already it can preplex them Keep smiling Link to comment
smiller Posted April 21, 2008 Share Posted April 21, 2008 Hmmm, I just changed the printer cartridge and now I get blank pages... I wonder what it could possibly be? Better call tech support... Link to comment
ghaverkamp Posted April 21, 2008 Share Posted April 21, 2008 After years of talking about it, we're finally regularly expiring all user passwords every 6 months. Being as lucky as I am, it's my project. We're doing around 6000 accounts total over the course of 3 months. Our help desk has been inundated by people claiming they've just changed their passwords, yet they're still getting expiration notices. Just today, a help desk staffer handled a user who said he changed his password weeks ago... But his old password continued to work! The help desk folks reported going through the process with users, and though there was a "Change Password" button, users kept hitting the "Reset" button (which since the dawn of HTML forms has been a browser built-in to clear af orm) and assuming that when the form cleared, their passwords were changed. We've dropped that. We have people who say they're using a variant of their old passwords, but we're not accepting it. Well, the message and the page notes that we've toughened our complexity requirements. People don't notice that the requirements next to the new password field get marked off the list (even though it's now in the instructions) as they meet complexity requirements, and so they're confused when the (now solitary) button is not enabled. People don't read and they don't pay attention. So, they stick toner cartridges in without removing those strips and they submit forms without looking at what they're doing (hence the success of phishing attacks.) It's maddening. (Go ahead and say it... it's probably why Microsoft writes questions that make no sense.) Link to comment
Damean Posted April 21, 2008 Share Posted April 21, 2008 I've had a gentleman out in California scream at me for a good ten minutes one day because he couldn't get his wireless internet to work in the hotel. Cussed at me, the hotel, the equipment we used, just telling us how horrible the service was, how he never had problems until he staid at this hotel. After he ran out of steam, I reached over and flipped on his wireless card switch. He got a real dumb look on his face, and after 5 seconds of silence, started screaming about how he never had to do that in any other hotel he stayed at....... People are just stupid sometimes Link to comment
Boffin Posted April 21, 2008 Share Posted April 21, 2008 We have people who say they're using a variant of their old passwords, but we're not accepting it. Well, the message and the page notes that we've toughened our complexity requirements. I hate over-complex password requirements and I think they are inherently insecure. People can't remember them so they write them down, hence insecure. Back on topic - I sit near our office scanner and I am an engineer in an office full of project controllers. I got tired of questions from people who could not understand that to work the scanner you select the Scanner icon on the PC. These days when asked I tell them I don't know how it works, otherwise I waste 15-20 minutes doing their scanning, file saving and organising for them. Andy Link to comment
smiller Posted April 21, 2008 Share Posted April 21, 2008 I hate over-complex password requirements and I think they are inherently insecure. People can't remember them so they write them down, hence insecure.Yes, that's got to be near number one on the list of obvious unintended consequences that IT people just don't seem to get. Requiring overly complex passwords (sometimes changed every month or so for good measure) invariably results in the passwords being written down, effectively reducing security rather than enhancing it. Link to comment
Woodie Posted April 21, 2008 Share Posted April 21, 2008 ...and yet, auditors keep on coming in and making a "finding" that passwords have lengthy (or no) password change requirements, and no strength requirements. Oh...and Microsoft OS and IBM Z/os define characters and rules differently! For example, IBM password rules allow vowels and consonants. MS rules control lower case, upper case and numbers. Link to comment
ghaverkamp Posted April 21, 2008 Share Posted April 21, 2008 ...and yet, auditors keep on coming in and making a "finding" that passwords have lengthy (or no) password change requirements, and no strength requirements. Yes. We have strict "complexity" standards because auditors demand them, not because they're more secure. More secure passwords would require explanation the auditors don't understand. However, I'm not entirely onboard with the idea that having written passwords is really terribly insecure. First, it depends on where they're written down. Lose a password stored in your wallet without anything tying it to a machine and what's lost? Not much. Second, physical security is already critical. If you put your passwords on a Post-It on your machine and someone can just come by and take it, then sure, that's a problem. However, if your physical security is so weak that someone is going to be able to get at your machine, find your password cache, and have time to make something of it, then you've got bigger problems. If I've got that much access, I don't even need your written password; I'll just apply a password sniffer. Most risks to passwords are remote, and unless you're living in a Star Trek universe, you can't get just any convenient remote camera angle on a piece of paper. That writing down passwords is inherently insecure is a myth. Link to comment
smiller Posted April 21, 2008 Share Posted April 21, 2008 That writing down passwords is inherently insecure is a myth. No greater than the myth that someone is going to make a brute-force attack against my email password, which is what my IT dept. seems to think. I guess I should be honored. Link to comment
ghaverkamp Posted April 21, 2008 Share Posted April 21, 2008 No greater than the myth that someone is going to make a brute-force attack against my email password, which is what my IT dept. seems to think. I guess I should be honored. The risk is that someone is going to nab the hashes and brute-force everything. From there, it's easy access. Once you're on a system, privilege escalation attacks are usually pretty easy. There seems to be some agreement that longer, more memorable passphrases would be better than shorter, more complex passwords. The problems are as Woodie stated, that you've got to get auditors to buy into that, and that you've got to make sure all of your services handling passwords can handle them. Neither of those is insurmountable, but there are lots of crappy auditors and systems already in place. Link to comment
Dick Posted April 21, 2008 Share Posted April 21, 2008 That was really inconsiderate. Shaun could have waited with that problem until he got home. Link to comment
Chris K Posted April 21, 2008 Share Posted April 21, 2008 That was really inconsiderate. Shawn could have waited with that problem until he got home. ROTFL!! Link to comment
Quinn Posted April 22, 2008 Share Posted April 22, 2008 Once I've solved someone's "dumb" problem, I think the best response is, "Thank you for giving me a problem that I could fix." Link to comment
Jerry Johnston Posted April 22, 2008 Share Posted April 22, 2008 Once I've solved someone's "dumb" problem, I think the best response is, "Thank you for giving me a problem that I could fix." I've had doctors who had similar problems so it's not that they're dumb they just seem to draw a blank when it comes to computers or don't want to concentrate on it. Link to comment
SC_SVRider Posted April 22, 2008 Author Share Posted April 22, 2008 That was really inconsiderate. Shaun could have waited with that problem until he got home. No comment. No... It wasn't Shawn. Link to comment
NoHeat Posted April 25, 2008 Share Posted April 25, 2008 When you changed the printer cartridge, did you remember to take that protective strip that holds the toner in the cartridge? I had exactly the same thing with my mother-in-law's ink cartridge. Except I wasn't clever enough to guess the cause of the problem when she described it over the phone -- I had to drive over there and discover it in person. Link to comment
eddd Posted April 25, 2008 Share Posted April 25, 2008 I'm the technical support person for my campus. Last Thursday I received this voice message: "Mr. G., this is Mrs. M. I need you to come and fix my printer. It isn't working, and I need to send an email." Link to comment
KrazyHorse Posted April 25, 2008 Share Posted April 25, 2008 My poor IT guy...I know I drive him nuts sometimes, but since we are kinda work-buddies (I actually call him my work husband) he can at least say the sarcastic things you other IT guys have to hold in. In fact, he was teasing me so much the other day, after he left I put a piece of tape under his mouse. Got him too. He never checked the underneath and just replaced it with a new one the next morning when it would not work. Mua-hahahahaha! I plan on jello-ing his stapler next. And no, it's not red. Link to comment
Woodie Posted May 6, 2008 Share Posted May 6, 2008 My poor IT guy...I know I drive him nuts sometimes, I put a piece of tape under his mouse. Got him too. He never checked the underneath and just replaced it with a new one the next morning when it would not work. Mua-hahahahaha! I plan on jello-ing his stapler next. And no, it's not red. ROTF, LOL! Hacked by an end-user! That is toooo funny! Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.