Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "password reset take 3"
-
Day 1 10:00 am
Login to email account (Zimbra)
Your password is incorrect (I entered it correctly, this was a permanent issue ,used to happen in the company with many employees)
Reset your password by logging into internal company portal.
11:00 am
Logged into company portal, somehow. 2 Mbps internet shared among 104 people, you can imagine the speed.
Reset email password
* your password has been sent to your email id*
Are you fucking kidding me? U have emailed me the password to the same email I can't log in to?
Where did the architecture designer get this top notch weed from?
Day 2
Asked HR to reset my password (using a colleague's email)
Day 3
No reply from HR yet
Day 4
I went to meet HR, she's on vacation. So they have 1 person managing the password reset, for 5000 people with no backup person. Cool.
Day 5
Your internal company password has expired. Check your email for link to create new password. This is some next level shit going on.
Day 6
I called up Internal IT team to generate a new email for me.
They asked me to raise a ticket.
I can't raise a ticket because the only way to do so, is through the portal.
Day 7
Nothing. Btw, personal email and all social networks were banned. You can't even open stackoverflow.
And this was a research lab, amazing huh?
Day 8
Loss of pay for 4 days since I can't login to company portal to fill timesheet.
Day 9
HR comes back. Resets my password.
I try to generate my new password for portal.
The password policy:
Password can't be same as last 10 passwords
Passwords expire every week
8 characters minimum, 2 upper case, 2 lower case, NO SPECIAL SYMBOL. WTF. How long do u think its gonna take to crack that?
Fuckers had a company wise policy to automatically lock PC every 1 min if not used. Who the fuck can keep on using it continuously! I'm reading an article, and bam ! Locked. 2 wrong entries and that's it, repeat all steps again. Fuckers really didn't want to let me do my job, just keep on logging in all day.12 -
This happened when I got my first IT support job. Naturally as a 1st line support you get to do the fun and not at all tedious thing of resetting passwords.
So I take a ticket from one of our HR people where they say that 3 new employees can't access a certain system.
Without going into too much detail here I reset the passwords according to our procedures and be done with it.
But at the end of the day it turns out that one of those 3 new employees was the new CEO, and he was known to be not the most pleasant of people to work with.
So ofc there was a chain of emails with the words "How can someone not know who I am" in there somewhere.
Had a nice stressful weekend wondering if I'll still have a job after Monday and we had a whole new password reset procedure created because of that.2 -
Fuck apple for making it as hard as fuck to sign in to my fucking apple id. Because my ex wife was my "trusted" number, I couldn't get an authentication code. Tech support told me it would take 3 days to reset my password.
After 3 hours of fucking around, I finally was able to reset my password.
I've been trying to get my kids to watch stupid Indiana Jones for years. They finally agreed. After going through 3 hours of BS so I could buy the movie, we start watching it. Literally, as the boulder is rolling down toward Dr. Jones, the movie stops suddenly so that Apple can verify my purchase!
Then, it asks me to buy it again!4 -
About 3 years ago, my girlfriend had this laptop that she got from her University. She had to give the laptop back to get reset, but didn't want to lose all of her data on it, and a backup would be around 750GB.
So I suggested that I would backup the laptop (was thinking to just dd an image and go from there). So I plugged in my mobile USB and external hard drive, and started the imaging process. Given the amount of data and setup, the process should have taken about 5hours. So we left it there for 5h.
Please be mindful that at this stage in my life I knew very little about boot processes, oses, and hardware.
5h after. The laptop screen is black and it ain't responsive. Not sure what happened, the dd process was completed, but the laptop refused to boot into windows. Tried a number of boot tools, and spent a crazy night hacking at the machine. But the university had some of sort of fail safe to not allow anyone to boot into windows if someone opened bios without entering a password. Whatever this was, I spent over 12h trying to either open mount the windows partition with a Ubuntu usb or mount the corrupt dd image on my laptop.
Long story short, after throwing at it a number of fixes. I was able to mount the image, copy out all of her personal data, and reinstall a new version of Windows on her laptop. The university didnt understand why the laptop was already reset. She still mentions this to me anytime I want to take a "custom approach" to software lol2 -
Oh my dear internet,
FUCK THIS FUCKING SHIT
I AM SICK AND TIRED OF IT, WHO BUILT THIS HACKED TOGETHER ORWELLIAN SWAMP PIT?
Fuck the same fucking Envato template on every content page with 70 layers of sidebars, inline ads, popups, cookies and content shifting as if I was playing CATCH UP WITH YOUR FUCKING CONTENT.
FUCK the same fucking annual upselling 'plans' on every 7-day trial overengineered scam app that requires me to sign up for 1 fucking, falsely advertised task where my fucking password generator doesn't even recognize the input as a password field so I have to cmd+, to my FUCKING BABYLONIAN PASSWORD ARCHIVES PROMPTING ME FOR THE MASTER PASSWORD.
Thank god I can at least CREATE A BURNER CREDIT CARD THAT FREEZES ITSELF BECAUSE I CANNOT BE BOTHERED TO UNSUBSCRIBE FROM YOUR FUCKING STEAMING CRAP.
FUCK every fucking step I take being recorded by our CYBERPUNK OVERLORDS REQUIRING ME to sign up for 5 different fucking privacy protection tools' annual plan or duct tape some open source shit onto my browser just for some BASIC PRIVACY WHILE TRYING TO NAVIGATE ALL THE OTHER 5000 annuals plan naval mines like A FUCKING FRENCH SUBMARINE IN 1940 GERMAN WATERS.
FUCK my walled garden scam ecosystem not being compatible with your walled garden scam ecosystem prompting me to reactivate my old SATANIC GOOGLE DON'T BE EVIL ACCOUNT from 2012 sending me on a DANTE ALIGHIERI STYLE ODYSSEY THROUGH THE 9 LAYERS OF PASSWORD RESET QUESTIONS, UNEXPECTED ERROR, 2FA MY PHONE DIED HELL to come out on the other side as a broken man.
Thank GOD I have your useless SUPPORT PAGE to aid with my signup problems that is actually just an FAQ with a hidden EASTER EGG HUNT for your support form CRISP AI BOT THAT IS ALSO 'currently experiencing high demand due to COVID' which is peculiar since that has been 3 years ago, but fortunately for you enabled you to fire ALL YOUR SUPPORT STAFF AND REPLACE IT WITH THIS BANNER.
I might as well just SCRAPE your fucking content, it'd be faster.
And although it is quite funny, FUCK THIS PAGE TOO for having me create another of 10.000 accounts to write this shit, where my browser firmly placed a newly created burner email into the PASSWORD FIELD.
I do not know how we managed to create something that is even more unwieldy than 56k DIAL-UPS, but I know that if this shit continues I'll have to train my own AGI to proudly interact with of all this STUPID SHIT on my behalf or I'll have to move into THE FUCKING MOUNTAINS AND LIVE WITH THE DEER.2 -
!rant
This is fucking how you do it!
Ticketmaster UK had a "data security incident" where they don't really know if any data was actually leaked/stolen/"accessed by an unknown third-party" — their response:
1. Disable the compromised service across their platforms
2. Send a mail to any customer that may have been affected (I got one in Danish because I had only interacted with them through a Danish subsidiary)
2b. All notified customers have their passwords reset and must go through the "Forgot password" process; the _temporary_ password they sent me was even pretty nicely random looking: ";~e&+oVX1RQOA`BNe4"
3. Do forensics and security reviews to understand how the data was compromised
3b. Take contact to relevant authorities, credit card companies, and banks
4. Establish a dedicated website (https://security.ticketmaster.co.uk/...) to explain the incident and answer customer questions
5. "We are offering impacted customers a free 12 month identity monitoring service with a leading provider. To request this service please visit [this page]"
EDIT: As mentioned and sourced in the first comment, the breach was apparently noticed by a banking provider and reported to Ticketmaster on the 12th of April and later to Mastercard on the 19th of April.
Ticketmaster's internal investigation found no evidence of breach (which makes sense, as it wasn't an internal breach), but when Mastercard issued an alert to banks about it on the 21st of June, Ticketmaster followed up by finding the actual breach and disabling the breached third party service on the 23rd of June.
I still think they did the right thing in the right way...2