â€ðŸ™… THE BAD IDEAS THREAD
-
here at work passwords must change every 90 days, be strong passwords (according to an idiotic set of rules that mean they don't tend to be strong or memorable) and can't repeat the last 20 passwords. oh and once set can't be changed for a minimum of 60 days.
We have similar stuff. And they send you an email, 20 days before it expires, nagging you to change it. WTF, yeah, because I what I really need is to change my password more.
-
But I'll leave this if it duplicates.
If only for the funnies!
Bad idea: a forum software that auto duplicates forum posts ...
-
Similar at my work. I wait until they expire just to try to get another day or weekend out of it.
We have to change our RSA PIN every 90 days as well and the dates of that and the password are not in sync, so it feels like I'm constantly changing something.
-
here at work passwords must change every 90 days, be strong passwords (according to an idiotic set of rules that mean they don't tend to be strong or memorable) and can't repeat the last 20 passwords.
Same here, with the added bonus that if you try to change your password after it expired from a Linux box and enter an invalid password (too short/too long/similar to previous one/not enough special chars), it will complain with a very generic error message. And if you fail this test 3 times, game over, your account get locked out.
I am now very cautious when I need to update my password...
-
hmmm... what can be said about someones start menu?
-
once set can't be changed for a minimum of 60 days
That's TRWTF. How does that increase security in any way? All it means is that if you suspect someone might know your password you've got two months before you can do anything about it.
My job has no password changing requirements and the only complexity requirement is that it has upper case, lower case and numbers. Apparently it's only in the last year that they've been requiring passwords at all
-
indeed.
My Dev VM that one. it gets more use than the host machine if i'm honest.
-
That you have to update Xubuntu or use the new Whisker menu.
-
That's TRWTF
no argument from me. good news is that that requirement is probably going away soon. the new person in charge of security is significantly less paranoid than the one that set that requirement.
-
why? i spend 99.9999% of my time in the terminal.
literally the only reason the thing boots up into X is because that's how the base image was set up and i never bothered to change it.
-
I like our password policy, it requires us to change every 90 days but it doesn't track previous passwords. I set it to a new temporary password and then immediately change it back to the old one, and then forget about the policy altogether for the next 90 days.
-
while we're on the subject of passwords:
BAD IDEA: Forbidding the use of spaces in passwords. It's a sure sign that you're storing them WRONG (/me glares at microsoft)
why can i not use
i am a fish that flies among the stars
as my password?there's enough entropy there that it's effectively unbreakable! (at least in the near future)
but nooo.... M$ won't let me use a space in my passwords, and there's a maximum password length... .... GAAAAAAH!
/me explodes in a cloud of rage particles, destroying 1/2 of Maine and most of New Hampshire in the process. Oddly this goes entirely unreported in the news.
*note, i made that password up just now. but it is pretty epic. must remember never to use it now that i've shared it.
-
The other week I encountered a login system (admittedly for a low security situation, but still) where if the username/password is incorrect a message pops up telling you something along the lines of "Failed to log on with username 'Jaloopa', password 'Hunter2'"
-
-
Just spotted in the application I'm working on:
CheckPassword(); if (m_Result == false) { MessageBox.Show("Password is incorrect, this feature cannot be access!","Invalid Password"); }
And the CheckPassword function? Must be pretty smart to work out if a feature can be access!
private bool CheckPassword() { m_Result = (textBoxPassword.Text == GetStringValue("Password")) ? true : false; return m_Result; }
ahh, the old ternary ? true : false anti pattern
-
Does it also use
m_Result
somewhere else apparently unrelated, but requiring that the order of operations is specific to function with any degree of sanity at all? That sort of hidden workflow dependency in the code is always a massive sign of awfulness elsewhere; you simply can't trust that the rest of everything doesn't have trouble buried.
-
But don't take away the VGA port in the process.
If you really care about that (and you shouldn't, VGA is shit), tell the guys in charge of VGA (assuming they aren't all dead) that they need to develop a slim connector for it. Because I don't want my laptop being like 3 fucking inches thick because douches like you want a 1988-esque VGA connector on it.
My current laptop, which is 3 years old, is slimmer in its entirety than a VGA port. BY FAR.
(Can anyone tell how I spent my Thanksgiving weekend?)
Being a luddite?
-
But don't take away the VGA port in the process.
meh. just give me a mini display port or a HDMI port and i'll buy a $2.99 adaptor to turn that into a VGA port should i need the VGA port.
-
meh. just give me a mini display port or a HDMI port and i'll buy a $2.99 adaptor to turn that into a VGA port should i need the VGA port.
But that'll add loads to the overall price of the Raspberry Pi!
-
you mean the one that never had a VGA port?
the A and B had Composite video (that RCA plug) and HDMI the B+ just has HDMI
-
da_Doctah:
But don't take away the VGA port in the process.meh. just give me a mini display port or a HDMI port and i'll buy a $2.99 adaptor to turn that into a VGA port should i need the VGA port.
But you don't have the adapter because your presenter didn't specify they needed the new ports. Nearest store that sells one is half an hour away in traffic, and it's Black Friday. Presentation starts in five minutes.
Your move.
(Hey, we've got this great new keyboard that'll let you type whole words and phrases with a single gesture. But to do that we had to leave off the H key.)
-
But you don't have the adapter because your presenter didn't specify they needed the new ports. Nearest store that sells one is half an hour away in traffic, and it's Black Friday. Presentation starts in five minutes.
First of all, I do have the adapter for my laptop because I'm not an idiot. But in your hypothetical "idiot" scenario, I'd simply borrow someone else's laptop. One owned by a non-idiot.
-
But you don't have the adapter because your presenter didn't specify they needed the new ports. Nearest store that sells one is half an hour away in traffic, and it's Black Friday. Presentation starts in five minutes.
- I'm the presenter: If i don't have the requisite adapters on hand and the knowledge on how to use them then i shouldn't be presenting. at all. i mean if i'm missing a S/p DIF adaptor that's excusable but i should at least be able to get from whatever i have to VGA/3.5mm stereo
- if i'm the tech guy at the presentation place: i should have a selection of the most common adaptors on hand because of this situation, because that's what a good tech guy does.
-
Are you that guy from this article?
-
That's TRWTF. How does that increase security in any way? All it means is that if you suspect someone might know your password you've got two months before you can do anything about it.
My job has no password changing requirements and the only complexity requirement is that it has upper case, lower case and numbers. Apparently it's only in the last year that they've been requiring passwords at all
Our parent company mandates that our passwords can only be changed once every 24 hours. This has caused a lot of issues, and we're trying to fight back on this, but we doubt that anything's going to happen...
-
I was looking around the Interwebs for a way of setting the top-left corner as coordinate (0,0) in Inkscape and got baffled by this:
Inverted ruler co-ordinate system
The bad idea seems to be:
Things started out with hardcoded math
TRWTF is that this was reported on 2003... 11 years ago!
-
-
The group of about 20 people formed a human chain across the 14th Street Bridge [on I-395] at D Street NW Monday, shutting the bridge down at the heart of rush hour. Police stood by, giving the protesters time to peacefully share their message.
WTF, arrest those assholes already. I'm sure they won a lot of converts with that stunt. This is how you know they're either idiots or just want to exploit shit for the attention it gets them.
-
Seemingly arbitrarily deciding what is nice sex and what is
not nice sex, the board has banned the following acts from being
depicted by British pornography producers:- Spanking
- Caning
- Aggressive whipping
- Penetration by any object "associated with violence"
- Physical or verbal abuse (regardless of if consensual)
- Urolagnia (known as "water sports")
- Female ejaculation
- Strangulation
- Facesitting
- Fisting
The final three listed fall under acts the BBFC views as potentially "life-endangering".
What the fuck are you doing, UK? Stop banning things that don't hurt anyone!
-
Spanking
Caning
Aggressive whipping
Penetration by any object "associated with violence"
Physical or verbal abuse (regardless of if consensual)
Urolagnia (known as "water sports")
Female ejaculation
Strangulation
Facesitting
FistingSo basically, UK porn will just be soft-core Skinemax type stuff now? Also, I want to know who decides when whipping crosses over from playful to "aggressive"? Or who decides what an "object associated with violence" is? I mean, I watched "Lock, Stock and Two Smoking Barrels" and a guy was beat to death with a 15" black rubber cock in that movie. I associate it with violence now.
-
Preface: Hmm - sure I'd posted this last night. Oh well...
> alongside tagger.
I do hope that's not the one I've got on my test instance - it doesn't work. At all. And it only tags topics, not individual posts.
Well.. it's supposed to.
-
it doesn't work. At all.
Given that it's a 3rd party plugin, it's never going to work for long. Discoreleases have enough problems with breaking discourse itself, let alone code that they don't own.
-
Penetration by any object "associated with violence"
In sexual violence, also known as rape, often a penis is used to penetrate, therefore, all hardcore porn involving penises is now banned. Way To Go, UK >.>
-
In sexual violence, also known as rape, often a penis is used to penetrate, therefore, all hardcore porn involving penises is now banned. Way To Go, UK >.>
Spoken like a libertarian. ;)
-
@Intercourse said:
Spoken like a libertarian
Drat, I was aiming for SJW. I'll come in again:
"Penises are the ultimate symbol of violence! Porn is a microagression!"
Better?
-
Better?
Much. What's your tumblr page? Is it as full of as much slacktivism as those words?
-
Ouija boards in 2014
Still a better board game than "Fair Go"
‘Fair Go’ is a new family board game specifically created for Generation Z.
It is about competing to find the winner with the best reputation for philanthropy and social justice.You can tell it's marketed to sharp game players (ages 8+) based on this entry in the FAQ:
Q2. I am 20 years old and want to play the game for 2 hours? Any suggestions?
Play the best of 3 rounds with the winner taking a handicap for the next round by having to get 5 rings instead of 4. Also keep using the Fair Go cards in the pile for the next 2 rounds until the pack is completed and you start again.
-
Porn is a microagression!
I thought the casting process usually filtered those guys out (except for the dwarf stuff, of course).
-
Still a better board game than "Fair Go"
As my brain attempts to parse all of that, it chokes on all of the stupidity. - shudder -
It is about competing to find the winner with the best reputation for philanthropy and social justice.
If they lived their SJW BS, they would have no time or money for philanthropy because they should be living in a Buddhist monastery or some shit.
winner taking a handicap for the next round by having to get 5 rings instead of 4
Sounds just like something that someone who would buy this game would think is fair. Handicap those who excel. Drag us all down to the same, shitty, level...
-
@Intercourse said:
Sounds just like something that someone who would buy this game would think is fair.
Eh, I don't have a problem with a handicap system. Especially when playing with kids. TRWTF is the question.
-
British pornography producers
"Do you have some light reading?"
"How about this pamphlet on Jewish sports heroes?"
-
I don't have a problem with a handicap system. Especially when playing with kids.
I agree, but that does not reconcile with:
Q2. I am 20 years old and want to play the game for 2 hours? Any suggestions?
If you are 20 years old, you need to get rid of the handicap system. Life is tough, get a helmet.
Also, even with kids, there is no handicap system for "Chutes and Ladders". That fucking game is just pure random chance. No strategy, and that infuriates me...
-
@Intercourse said:
strategy
Have 6 loaded dice, one for each number. Learn sleight of hand and the skill and strategy become palming the dice without anyone noticing, and workings out a fast route up the board
Edit:
Hard mode - each of the loaded dice is a different colour
-
Have 6 loaded dice, one for each number. Learn sleight of hand and the skill and strategy become palming the dice without anyone noticing, and workings out a fast route up the board
Subterfuge only counts as strategy when you are at war.
-
ooh, Risk with loaded dice!
-
@Intercourse said:
If they lived their SJW BS, they would have no time or money for philanthropy because they should be living in a Buddhist monastery or some shit.
Hey man, why are you insulting Buddhism? What did they ever do to you?
-
ooh, Risk with loaded dice!
This is how you know that programmers have programmed themselves to look for edge cases. ;)
Risk is not a game, it is a fucking hobby. No game lasts that long.
-
Hey man, why are you insulting Buddhism? What did they ever do to you?
Not insulting Buddhism, but if most SJW's lived what they preach, that is where they would be living.
-
Have 6 loaded dice, one for each number.
All versions of Chutes and Ladders that I've played used a spinner.
-
@Intercourse said:
Not insulting Buddhism, but if most SJW's lived what they preach, that is where they would be living.
A large part of what they preach is that anyone who disagrees is utter slime and should die in horrible ways. This is the part I have a hard time believing Buddhists would be okay with.