• (cs)

    Yuck!

    You'd think that network admins would want to know about the kind of tools that would make their lives easier!

  • Jens (unregistered)

    This can't be. You must be making this up. For the sake of the world...

  • DM (unregistered)

    While you're at it....please feel free to add your account numbers, credit card numbers, and any other sources of money we can take. WTF!!!

  • (cs)

    These same network administrators have probably set up an [email protected] email group and forwarder. Thus all it would take is one slightly faked email to garner the login credentials of most of the work force. Can't think of why you'd want to do that though...

  • Hamstray (unregistered)

    that looks very suspiciously like a phishing mail.

  • Laurent (unregistered)

    Awwe come on... This guy is real idiot... No wonder why he send this mail throught "Network Operations" and not is real name, myself would be so ashamed of that ;) This made my afternoon

  • (cs)

    One wonders what TS stands for.

    Technical Support? Trusted Security? Top Secret?

  • (cs)

    An email like that would get you fired where I work, its considered phishing on a grand scale... how is this not in violation of everything but the fire code?

    This is a new low/high for this site!

  • Mr. Steve (unregistered)

    TS = Terminal services?

  • Reply To All (unregistered) in reply to Jens

    I suppose if everyone is running as the Administrator user with password 12345, then reply-all doesn't really present a problem...

    Hey, it's possible!

  • Reply To All (unregistered) in reply to Iago
    Iago:
    One wonders what TS stands for.

    Technical Support? Trusted Security? Top Secret?

    Tight Security

  • (cs) in reply to Mr. Steve
    Mr. Steve:
    TS = Terminal services?

    Terminal being the operative word here, because I'm afraid the problem here is terminal for someone.

  • scruffy (unregistered)

    It pains me deeply that people so incompetent actually get hired...

    I mean, if I lost a list of passwords just a few months after I'd entered them all on the system, I'd be in REAL trouble.

    We need more info, exactly how is the sysadmin related to the boss,

    • nephew,
    • offspring,
    • sibling,
    • all of the above?
  • Hit (unregistered)

    Setting aside the fact there exist deployment tools for the moment...

    You ever wonder if the network guys at this so-called company sit and wonder why there isn't some "superuser" account in the domain of some sort that would let you log into boxes to deploy software and the like? I mean, surely that would be useful, I wonder why nobody has thought of it?

  • (cs)

    Okay, if someone is not on the list, how do they know that they need to respond to the email? I know, someone could "tell" them, but what's the fun in that?

    I think TS means Tough Search, as in Tough job Search. Good luck finding a new job.

  • (cs)

    I would say that it was fake, but... people never cease to amaze me.

  • TopTension (unregistered)

    Interesting that they signed their previuos new password email with:

    Network Security & Operations

    Now it's only:

    Network Operations

    ...

    Toptension

  • (cs) in reply to Iago
    Iago:
    One wonders what TS stands for.

    Technical Support? Trusted Security? Top Secret?

    Tremendously Stupid

  • (cs)

    My first thought was that TS stood for Terminal Services, which, if you think about it, makes the wtf that much better.

  • zapdog (unregistered)

    I saw this happen at a Government dept, in New Zealand. It was interesting to see what people chose to use as passwords. It was very enlightening.

  • (cs) in reply to zapdog

    I really hope that this is an attempt by IT to determine which users need to be educated about sending things like passwords.

  • (cs) in reply to rogueuser
    rogueuser:
    I would say that it was fake, but... people never cease to amaze me.

    Never, ever think, "Huh, there's no way this can ever be topped." (I might make an exception to the Customer Friendly System. That's still my all-time favorite on this site.)

    I've learned that no matter how made-up or crazy something sounds, it's quite possible that it's true. And worse, something will top it later.

  • C$\Documents and Settings\All Users\Desktop (unregistered)

    administrative share anyone?

    I've written batch files to copy more than just shortcuts across an NT network from desk ...

  • Todd (unregistered)

    If this is how you run your network, then you my friend are NOT a network administrator.

    Even the name indicates such...

    "Network Administrator" Noun: One who administers the network, typically from a discrete location.

    This company sounds like a Virus/security breach haven just waiting to happen.

  • (cs) in reply to Todd
    Todd:
    If this is how you run your network, then you my friend are *NOT* a network administrator.

    Even the name indicates such...

    "Network Administrator" Noun: One who administers the network, typically from a discrete location.

    This company sounds like a Virus/security breach haven just waiting to happen.

    Chances are, it has already happened, they just don't have the tools in place to detect it.

    Now where did I put that IP list for my pron library.

  • iMalc (unregistered)

    From: Staff Member Sent: Wednesday, January 17, 2007 1:06 PM To: Network Operations Subject: Network Password

    You want my password: BLOW_ME!

  • (cs) in reply to zapdog
    zapdog:
    I saw this happen at a Government dept, in New Zealand. It was interesting to see what people chose to use as passwords. It was very enlightening.
    All I can say is that if I received such a request for my password, after confirming it was legit and necessary, I'd change my password to "12345678" and send them that. This is clearly not an organization to be trusted with a "real" password. --RA
  • (cs)

    With all the hu-hah... I used to work at a place where the network password was given to you the day your started working. It never changed. For quite a few of the older people, this meant that their password was all digits. You could even login to webmail using this password. I also had all the passwords for the local office on a clipboard that I could carry around the office.

  • Greg (unregistered)

    Doesn't he have access to the password.xls spreadsheet on the share drive?

  • Chad Martin (unregistered) in reply to iMalc
    iMalc:
    From: Staff Member Sent: Wednesday, January 17, 2007 1:06 PM To: Network Operations Subject: Network Password

    You want my password: BLOW_ME!

    I'm sorry sir, but that won't work. It contains two special characters.

  • (cs) in reply to Edowyth
    Edowyth:
    ...You'd think that network admins would want to know about the kind of tools that would make their lives easier!
    Good Lord! This is almost like a Socialist make-work agenda for the network admins.
  • GSquared (unregistered) in reply to Iago
    Iago:
    One wonders what TS stands for.

    Technical Support? Trusted Security? Top Secret?

    Terminally Stupid

  • Bet your sweet dupa, I'm Polish! (unregistered)

    I don't get it. Where's the WTF?

    For anyone who replies, please include your userid AND password for your WTF account AND e-mail so that I may communicate with you personally on this matter.

    Please assist me in figuring out why this is wrong!

    Thx.

  • (cs)

    I'd change my password to "incompITent"! (yes, I know it's misspelled)

  • (cs) in reply to scruffy
    scruffy:
    It pains me deeply that people so incompetent actually get hired...

    I mean, if I lost a list of passwords just a few months after I'd entered them all on the system, I'd be in REAL trouble.

    We need more info, exactly how is the sysadmin related to the boss,

    • nephew,
    • offspring,
    • sibling,
    • all of the above?

    Note, in order for it to be all of the above:

    His dad would have to reproduce with his own daughter, whose son was the person in question. In other words, his sister is also his mom. Then he'd have to copulate with his mother/sister to have his nephew/son.

    Almost as complicated as if he was his own grandpa!

  • KentuckyBoy (unregistered) in reply to jgreen

    You put way too much thought into that. Is that your family tree <dripping with sarcasm>

    captcha test: ewww. The thought of the family tree in question.

  • lelitsch (unregistered) in reply to jgreen
    jgreen:
    scruffy:
    It pains me deeply that people so incompetent actually get hired...

    I mean, if I lost a list of passwords just a few months after I'd entered them all on the system, I'd be in REAL trouble.

    We need more info, exactly how is the sysadmin related to the boss,

    • nephew,
    • offspring,
    • sibling,
    • all of the above?

    Note, in order for it to be all of the above:

    His dad would have to reproduce with his own daughter, whose son was the person in question. In other words, his sister is also his mom. Then he'd have to copulate with his mother/sister to have his nephew/son.

    Almost as complicated as if he was his own grandpa!

    So, in other words, the company in question is in Alabama?

  • (cs) in reply to jgreen
    jgreen:
    Note, in order for it to be all of the above:

    His dad would have to reproduce with his own daughter, whose son was the person in question. In other words, his sister is also his mom. Then he'd have to copulate with his mother/sister to have his nephew/son.

    Also possible if he were to:

    1. Reproduce with his sister (the resulting child would be his nephew/son).
    2. Have his sister marry his father, so that his nephew/son would now become his brother-in-law.
    3. Success!
  • markbnj (unregistered)

    Oh shit, and I am job hunting currently

    Can I have this guy's email address so I can get a job at this company??

    Hee Haw.

  • (cs) in reply to themagni
    themagni:
    rogueuser:
    I would say that it was fake, but... people never cease to amaze me.

    Never, ever think, "Huh, there's no way this can ever be topped." (I might make an exception to the Customer Friendly System. That's still my all-time favorite on this site.)

    I've learned that no matter how made-up or crazy something sounds, it's quite possible that it's true. And worse, something will top it later.

    OK, here you are: The worst company I've ever worked with had two distinctive characteristics which are relevant for this story:

    • a nasty tendency to "forget" to pay me
    • username-password pairs that were mostly of the form MyInitials:MyInitials, or MyInitials:MyJobtitle (and never changed), plus the entire network accessible via ftp with similar credentials

    To make a long story short, this culminated in a situation where I was still working on and delivering some files to them while concurrently hiring a lawyer preparing to sue them. Apparently, scared by my readiness to sue unless paid, they thought I had "turned against them" and decided to block my access to the network for "security reasons". They did not even understand why I found that extremely funny...

    No, I did not make this up.

  • Butch (unregistered)

    If it is a terminal server environment just copy the damn shortcut to the all users\desktop folder. I wish I had a job like this where it's apparent you can drink during work hours.

  • Ifni (unregistered)

    The next WTF from this company will be the employee that gets terminated because his account was logged as browsing porn or some such, and the proof is irrefutable because "only the employee would know his password"!

  • Michael (unregistered)

    I'd love to be a fly on the wall for THEIR Sarbanes-Oxley audit...

  • (cs)

    so is the submitter staying employed at this company solely to provide content for WTF? 'cause i would quit over processes and procedures such as this solely to make a statement!

  • (cs)

    Easy explanation for this: The author of the e-mail is a developer drafted to toil as a sysadmin.

  • (cs) in reply to lelitsch
    lelitsch:
    jgreen:
    scruffy:
    It pains me deeply that people so incompetent actually get hired...

    I mean, if I lost a list of passwords just a few months after I'd entered them all on the system, I'd be in REAL trouble.

    We need more info, exactly how is the sysadmin related to the boss,

    • nephew,
    • offspring,
    • sibling,
    • all of the above?

    Note, in order for it to be all of the above:

    His dad would have to reproduce with his own daughter, whose son was the person in question. In other words, his sister is also his mom. Then he'd have to copulate with his mother/sister to have his nephew/son.

    Almost as complicated as if he was his own grandpa!

    So, in other words, the company in question is in Alabama?

    Maybe West Virginia !?!

  • (cs)

    Why is it that network administration doesn't have access to accounts with an administrative account? it's like a unix system without a superuser account.

  • (cs)

    Well ... I have always heard that people are the weakest link in any security scheme ... but dayum!

  • (cs)

    One thing I don't get is if they have to email the passwords to the admin to change them why doesn't he just keep them? Its like "Oops, I lost my list of passwords I guess I should ask everyone again".

  • Jamie (unregistered) in reply to Edowyth

    It's a trick, anyone who replied as disiplined for violaiting the company security policy.

Leave a comment on “Twice Annual About Security”

Log In or post as a guest

Replying to comment #:

« Return to Article