That's a lotta bull!
#SupportHeForShe
Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom. -Ezra Taft Benson
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering! -Wernher von Braun
|
Does it have one big udder or four smaller ones?
|
customer said: "When the app starts up, load the user name from a file into the clipboard so they only need to paste it in and not type it in. Same with their password"
Makes sense. I mean we are supposed to be "automating the office work".
EDIT:
Also, if they (insert gratuitous self-promotion here ==>) use my C'YaPass app they will never have to type a password again, because it really will allow them to paste it in.
Users Hate Passwords (We're All Users): Never Memorize a Password Again
I'm sorry, it had to be done.
|
Swordfish
Ravings en masse^
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seeking perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
|
Closed captioning is nice for work viewing.
Marx Bros. Also, you shouldn't a let out the password in the link, but I don't think hackers would figure it out.
|
Dagnabit! No one else is supposed to know that one!
|
I started to try to write a joke about someone asking for their password to be set to "there" and communication being a routine about there/their/they're, and where the guy points to being a piece of paper he's pointing to.
but writing it down didn't seem as funny.
|
Sounds like an executive level request to me. So if you can accommodate them . . . . just them.
|
A system I worked on encrypted the password given on the login window and passed it to a component running on an app server which held it in memory for up to 8 hours. All the apps at startup would pass the userid to the app server to get the password. If the password was returned, it decrypted it and logged into the database, bypassing the login window. This allowed the user to only have to type their password once per day. The userid was filled in for them using WNetGetUser.
|
Roland M Smith wrote: All the apps at startup would pass the userid to the app server to get the password.
So, really, you just needed the right userid to login. Neat.
I can imagine all the hackers sitting and waiting on their mule to sign in for the day: "Come on! I need my daily access!"
|
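The lookup Roland M Smith describes and the objection raised in the reply, as an added example that is not part of the thread or any poster's code: a cache that releases the stored secret for a bare userid, next to an assumed alternative that also requires a random per-login ticket. The class names, the ticket scheme and the sample values are assumptions made for illustration.

```python
import hmac
import secrets

TTL_SECONDS = 8 * 3600  # the post's "up to 8 hours"

class UseridOnlyCache:
    """Design as described in the post: the userid alone retrieves the secret."""
    def __init__(self):
        self._store = {}                      # userid -> (secret, expires_at)

    def put(self, userid, secret, now):
        self._store[userid] = (secret, now + TTL_SECONDS)

    def get(self, userid, now):
        secret, expires = self._store.get(userid, (None, 0))
        return secret if now < expires else None

class TicketCache:
    """Assumed alternative: login returns a random ticket that must accompany the userid."""
    def __init__(self):
        self._store = {}                      # userid -> (secret, expires_at, ticket)

    def put(self, userid, secret, now):
        ticket = secrets.token_urlsafe(32)    # unguessable, held only by the login session
        self._store[userid] = (secret, now + TTL_SECONDS, ticket)
        return ticket

    def get(self, userid, ticket, now):
        entry = self._store.get(userid)
        if entry is None:
            return None
        secret, expires, expected = entry
        if now >= expires:
            del self._store[userid]           # drop expired secrets from memory
            return None
        # constant-time comparison of the presented ticket
        if not hmac.compare_digest(ticket.encode(), expected.encode()):
            return None
        return secret

def demo():
    now = 1_000_000                           # constructed timestamp
    weak, strong = UseridOnlyCache(), TicketCache()
    weak.put("alice", "encrypted-blob", now)  # constructed userid and secret
    ticket = strong.put("alice", "encrypted-blob", now)
    return {
        "weak_userid_only": weak.get("alice", now + 60),
        "strong_wrong_ticket": strong.get("alice", "guess", now + 60),
        "strong_owner": strong.get("alice", ticket, now + 60),
        "strong_expired": strong.get("alice", ticket, now + TTL_SECONDS),
    }
```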
Sounds like something similar to Kerberos. Maybe it was Kerberos.
Kerberos (developed at MIT) is an extremely well designed single-sign-on system that really could deserve to become a great success. It was one of the flagships of the open source, *nix based packages that was on its way into several of the widespread applications in the early 1990s: There were "kerberized" versions of file transfer programs, email, remote login, ... Web pages were not as essential then, but I believe there were web browsers supporting Kerberos authentication.
But then... Microsoft discovered it, saying "This is really great! We will build our distributed authentication on the Kerberos protocol". And the reaction from the open source community was exactly as could be expected in the early 1990s: "Is Microsoft using it? Then one thing is for sure: We will not! We will not have anything to do with something that has been touched by MS, even if it really comes from our side!"
So Kerberos was effectively killed by/in the open source environment. Aside from MS, still using it (but not promoting it as it should have been!), there is very close to zero use of Kerberos. That is certainly not because "better" solutions have displaced it: 99% or more of all logins today are made on authentication systems clearly inferior to Kerberos.
Such is life. And getting sucher and sucher.
|
Could work if you added some face recognition routines
|
RickZeeland wrote: if you added some face recognition routines
Quote: Shouldn't be difficult.
Sincerely,
PHB
|
So their user name and password are both Ctrl+V! Brilliant!
"Go forth into the source" - Neal Morse
|
Whether or not this is a stupid idea (it is).
We as a business need to have a serious talk about password usage and security.
I'd rather be phishing!
|
I take it they don't want that file encrypted either, so they can easily update the password when it needs to be changed?
I'd be responding with "why not cut to the chase and remove all security?" Because you know that's what's going to be next anyway...
|
Oh that must have hurt, you had to sit there and listen to the request and NOT stab the speaker with a pen nor could you call him a bloody idiot.
I had the same requirement from a manager once, I want to sign in once and never again, and I worked in a bank. I referred him to the in-house security department who castigated him rather thoroughly.
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
Mycroft Holmes wrote: castigated him rather thoroughly
The first time I read that, I saw the word castrated. The funny part is, that works well too.
Software Zen: delete this;
|
Well......... That may not be as crazy as it sounds...
Ok, actually pasting it is, of course, and Single-Sign On with some identity provider (AD) would be a MUCH better option.
But I've actually worked with a VPN client once where I was able to put my username and password in a file somewhere in My Documents or some such (may also be a public folder such as Program Files, which would be stupid) and the VPN would automatically connect with those credentials if I was logged in.
If I deleted the file I had to type in my username and password every time I tried to connect.
I didn't think it was the safest option, but at least it was easier than manually logging in each day.
|
For a small app (WinForms, not web) I wrote for an employer some years ago, I had it get the user's Windows Identity and match it to the profiles in the system. And if the user wished, he could set his profile to accept the Identity as proof of authenticity rather than requiring the password.
Logging into the same profile from another Identity would require the password.
Hmmm... does that qualify as two-factor authentication? Authenticate against Active Directory and then against the application?
Only four people ever used the app and I, of course, set my profile to auto-authenticate with my Identity.
|
If they're using Active Directory, you could use that for authentication. Most of our apps at work are set up that way, even our web ones. Granted, the web ones we have to enter in our information again, but at least it's one less thing to remember for a work related task.
|
I can fully understand the request. A better solution would be to have the software automatically use LDAP to confirm credentials.