• (cs) in reply to Kensey
    Kensey:
    TRWTF in the first one is the IT staffer who took as much as 60 seconds to realize "this idiot is holding the token upside-down".

    I would have assumed the LCD was broken, too.

    I mean, really... out of the 1,000 or so times that I have used an RSA token, I have never, EVER read it upside down, even for a second.

    It's just as stupid as reading a magazine upside down and wondering what language it's written in. I just assume nobody -- especially a board member -- is dumb enough to do that.

  • pv2b (unregistered)

    I don't know about the RSA security tokens you guys use, but how mine works for a system I access - I press a button and 6 digits appear on the screen. There's apparently some kind of internal clock keeping the two systems in sync.

    If you make a mistake typing in the security code, you can just try again. It's not like the account locks if you mistype your security code. (That would be stupid in most systems.)

    So, I don't see why a system couldn't be devised which, when it notices that the code doesn't match, just attempts to turn the code "upside down" in software (trivial to do) and resubmits the code, turned upside down, to the login system.

    If the login succeeds, it'd let the user in, but not before smacking a dialogue in his face admonishing him for not turning his security key the right way up.

  • pv2b (unregistered) in reply to pv2b

    Oh, this could also turn a mistaken input of all-digits and turn it upside down as well. No need to check whether there are any letters in the input - though if there are, that's a sure-fire way to know to turn the code upside down before submitting it.

  • (cs) in reply to savar
    savar:
    I just assume nobody -- especially a board member -- is dumb enough to do that.

    This means you have never done technical support in your life and that you've never met anybody at director level or higher in the corporate world.

  • methinks (unregistered) in reply to North Bus
    North Bus:
    RogerInHawaii:
    Well, here's an idea: How about the company that makes those tokens and the software that controls them make sure that it only ever displays characters that cannot be mistakenly read upside down?

    Note that the passwords are numeric on a 7-segment LCD. Eliminating the numbers that appear 'similar' upside down gets rid of 1, 2 & 5, 6 & 9, 8, and 0. The remaining passwords can therefore be any desired combination of 3, 4, and 7.

    However, this will still not prevent lusers from misreading 3 as E and 4 as h. If you wish to have a system sufficiently robust to deal with this segment of the population, you should restrict your character space to the digit '7'.

    Have fun.

    OR perhaps simply write "this side up" on the casing or put an arrow on it or the like...

  • hdgjhd+ (unregistered)

    We discovered

    71346315

    and 7353

    in our math classes. First is Godwin-related, second is what nazis are ;)

  • Bob (unregistered) in reply to MichaelWH
    MichaelWH:
    This means you have never done technical support in your life and that you've never met anybody at director level or higher in the corporate world.

    Sorry, now you've confused me.

    I know government is bad. It just is - everyone who works in or near the government is lazy, stupid, and incompetent. There is no bureaucracy that exists solely to keep stupid people in important jobs.

    Everyone who works in private enterprise, however, is brilliant, motivated, talented, and quickly evicted if that turns out to not be true. There is no bureaucracy keeping stupid people in important jobs.

    Therefore if a person is smart they work for a company, and if a person works for a company they must be smart.

    Anyone who believes differently is a smelly socialist.

    Therefore "anybody at director level or higher in the corporate world" is as smart as they could possibly be, and would never hold anything upside down unless it is supposed to be used upside down.

    That's a well established internet fact. You can check on wikipedia if you don't believe me.

  • Marcello (unregistered)

    That's about the point you start wondering about who is running your company.

    or, better, you start wondering who's the moron that designed the token without any distinguishable indication of what's top and bottom.

    just consider for a second the unlikely event of a 999999 or 666666 combination...

    i used to have one for our VPN here, you couldn't tell how to read it without having it display the number. that's plain dumb.

    M

  • Alan Edwards (unregistered) in reply to Kensey
    Kensey:
    TRWTF in the first one is the IT staffer who took as much as 60 seconds to realize "this idiot is holding the token upside-down".

    It took me half a day to work out someone was using a trackball upside down! The report was that mouse cursor moved in the wrong direction - it wasn't till I asked her how she was holding the trackball I realised what was going on - she had it upside down and was using it like a mouse.

    And to be fair to the original person holding the SecurID tag upside down, with the old ones the only way I could tell was to check for the countdown ladder at the left-hand end of the display. The new ones aren't so symmetrical in shape.

    Alan.

  • C (unregistered) in reply to Me
    Me:
    TRWTF with #1 is segmented LCD displays. 1980 called: it wants its technology back.
    But... But... BCD is *fun*, i enjoyed wiring it up in my Digital Circuits class! :)

  • nick (unregistered) in reply to North Bus
    North Bus:
    RogerInHawaii:
    Well, here's an idea: How about the company that makes those tokens and the software that controls them make sure that it only ever displays characters that cannot be mistakenly read upside down?

    Note that the passwords are numeric on a 7-segment LCD. Eliminating the numbers that appear 'similar' upside down gets rid of 1, 2 & 5, 6 & 9, 8, and 0. The remaining passwords can therefore be any desired combination of 3, 4, and 7.

    However, this will still not prevent lusers from misreading 3 as E and 4 as h. If you wish to have a system sufficiently robust to deal with this segment of the population, you should restrict your character space to the digit '7'.

    Have fun.

    7 could be read as an L though

  • C (unregistered)

    This is silly. All these people complaining about leaving 7 in instead of about getting rid of 3 and 4...

    North Bus:
    However, this will still not prevent lusers from misreading 3 as E and 4 as h. If you wish to have a system sufficiently robust to deal with this segment of the population, you should restrict your character space to the digit '7'.

    Not true. "If you wish to have a system sufficiently robust to deal with" that, you just check if the input is all-digits (3s, 4s, and/or 7s) or all-alpha (E's, h's, and/or L's). How hard would that be?

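
    The retry-with-a-flip idea from pv2b and the digits-versus-letters check from C, as an added example that is not from the thread, RSA, or any real OTP server. It assumes a 7-segment display (so 2 and 5 are each their own rotation), and the function names and the sample code values are my own.

```python
# Added example (mine, not from the thread, RSA or any real OTP server):
# server-side tolerance for a one-time code read off a 7-segment display
# held upside down, as pv2b and "C" sketch above.
import hmac
from typing import Optional, Tuple

# 180-degree rotation of each 7-segment glyph: 6 and 9 swap; 3, 4 and 7
# become the letter shapes E, h and L from the thread; 0, 1, 2, 5, 8 are
# symmetric in 7-segment geometry (other fonts may swap 2 and 5).
ROTATE_GLYPH = {
    "0": "0", "1": "1", "2": "2", "5": "5", "8": "8", "6": "9", "9": "6",
    "3": "E", "4": "h", "7": "L", "E": "3", "h": "4", "L": "7",
}


def rotate_reading(text: str) -> Optional[str]:
    """Return what the display really showed if `text` was read upside down.

    Upside-down reading reverses the glyph order and rotates every glyph.
    Returns None when a character has no 7-segment rotation (e.g. 'Z').
    """
    out = []
    for ch in reversed(text.strip()):
        if ch not in ROTATE_GLYPH:
            return None
        out.append(ROTATE_GLYPH[ch])
    return "".join(out)


def check_code(expected: str, entered: str) -> Tuple[bool, bool]:
    """Compare `entered` with `expected`, then with its upside-down reading.

    Returns (accepted, was_upside_down). Both comparisons happen inside ONE
    login attempt: accepting a second candidate per attempt already doubles
    a guesser's odds, so the flip must not be a free extra try against the
    lockout counter. Comparisons are constant-time.
    """
    if hmac.compare_digest(entered.encode(), expected.encode()):
        return True, False
    flipped = rotate_reading(entered)
    if flipped is not None and hmac.compare_digest(flipped.encode(),
                                                   expected.encode()):
        return True, True
    return False, False


if __name__ == "__main__":
    # Constructed: by the map above, the article title "1285E8" is the
    # upside-down reading of a token showing 835821.
    print(check_code("835821", "1285E8"))  # (True, True)
```
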
  • mec (unregistered)

    "after calling him up ..." "i asked him to please tell me ..." [current private code]

    Ah, I see the hidden WTF there.

    Next time you call him up, tell him you're a clerk at his bank and you need him to confirm his credit card number to you.

  • Flaming Foobar (unregistered)

    The best solution obviously would be to have the system accept the upside down tokens, too. It's not like it would be difficult to program or make the system significantly less secure...

    Oh, and the "Password in the username field" thing isn't a real WTF. That's what most people would do if they couldn't get the credentials to work after a couple of tries: try them capitalized, swap them around etc.

Leave a comment on “1285E8 & More Highly Specialized Support”
