Welcome to the second, less frequently-posted decade of RevMod.

Contact me at revmod AT gmail.

Thursday, August 26, 2004

Holy shit!

Actually, Bear, what has captured my attention today isn't so much Canadian Idol or the Olympics - it's a sober consideration of our species, and if we might collectively be up for a Darwin Award.

In my past few years with TELUS, before my current employment as card sharp, my primary responsibility was setting and resetting passwords. The role expanded and changed, but to the very last day, I was still setting an obscene nuimber of passwords every day for TELUS employees. Over the four years, I used a single generic password for network accesses. I guarentee you that there are still thousands of TELUS employees using that password, because they couldn't be bothered to secure it through changing it.

I heard a lot of password-security horror stories over those years. Here's a favourite: I was stepping a user through setting a passcode that had to be numeric. I blanked the passcode, and with some difficulty walked the client to the appropriate point where he would be able to set one for himself. The screen prompted him. He asked me, at the other end of the telephone, if it would be okay if he set the number to be the same as his bank card PIN: 462213.

That was my favourite password horror story... until today.

According to the Harper's Index in the September issue of Harper's:

Secret access code to the computer controls of the U.S. nuclear-tipped missile arsenal between 1968 and 1976: 00000000
Mother of God! How have we managed to survive the nuclear era so far? Perhaps it was my time at TELUS, or my time now spent playing poker, but in my experience, human beings are by-and-large not very smart.

No comments: