• J (unregistered)


  • Matt Whitfield (unregistered)

    The real WTF is the guy who contemplated suicide just because he encountered bad practice.

  • Quite (unregistered)

    Young lad comes back from a day out with his school, visiting a working farm. When he got back, his mother asked him what he'd been up to.

    "We saw lots of pigs, 'orses, 'ens and ducks. Oh yeah, and a field full of fvckers."

    "I beg your pardon!"

    "Yeah, that's right, that's what 'e called them. Fvckers. Well, 'e actually called them 'eifers, but we all knew what he meant."

  • null null (unregistered)

    So anyone with remote access to the server can see the service passwords? Is there any reason to be granted access other than to muck about with services? What's the problem?

  • MiserableOldGit (unregistered) in reply to null null

    Yeah, if they're bad news and logged in with privileges your server is already bent over with its trousers round its ankles, why delay the inevitable?



  • Jerepp (unregistered) in reply to MiserableOldGit

    ... So this is really just lube?


    Yes, but do they proactively facilitate next-gen potentialities to acupuncture agile value streams?

  • Greybeard (unregistered)

    This is only a WTF if the true administrator password is literally "theActualEffingPassword".

    I, as a developer in a small shop, had to occasionally run updates and reboot a 2008/R2 server that had been well and securely set up. Because dealing with the machine was not part of my day in and day out routine, syntax for the commands I most frequently used would fade from memory. I could see the value in building a little pop-up FAQ -- as long as you aren't revealing The Actual Effing Password.

  • Nobody (unregistered) in reply to Greybeard

    Yeah, there wouldn't be anything wrong with that.

  • MiserableOldGit (unregistered) in reply to Jerepp

    Well, more the server looking over its shoulder doefully, batting its eyelids, and saying "be gentle!".

  • Zenith (unregistered)

    Versus, what, a situation where some dummy set these passwords and never recorded them anywhere with anyone? No thanks, I'll take this pop-up over that any day of the week.

  • Mr. F (unregistered)

    Why is RDP mocked as something from the distant past? What, do you guys teleport to your servers?

  • Appalled (unregistered) in reply to Mr. F

    Dameware. RDP sucks donkey dick.

  • Raj (unregistered) in reply to Appalled

    Dameware? That's still a thing?

    Do you also use ghost, ws_ftp and/or PartitionMagic?

    I would have thought that by now all these things would be shelfware acquired by Symantec or SolarWinds and forgotten by all.

  • Josef (unregistered)

    Isn't the real WTF to consider ~8 years old server software as 'ancient' stuff from the 'distant past'? Is that typical in the Windows ecosystem? Or why is that written so excessively dramatic?

  • Friendly_Reminder (unregistered) in reply to Josef

    It's typical in many ecosystems. Or would you build a server today with parts that where "brand new" 8 years ago?

  • MiserableOldGit (unregistered) in reply to Zenith
    Versus, what, a situation where some dummy set these passwords and never recorded them anywhere with anyone? No thanks, I'll take this pop-up over that any day of the week.

    I experienced precisely that at one WTFy firm I worked at. Idiot IT Mangler had set up our WAS and forgotten all the admin passwords he'd used. Such was the tangled mess we had we simply had to limp along for three years with limited access and the odd reboot before we could deploy a complete new ecommerce solution to replace it.

    When they finally did sack him they forgot to waterboard his Hotmail password out of him as all the company's MS licensing was tied to that and we had one hell of a job to retake ownership of it. On the plus side that seemed to be the final straw that saw the IT Director given his marching orders. Took years to beat the IT setup into some sort of functioning entity, not helped by their terrible choice of replacement IT Mangler, also a semi-competent blagger riding the nepotism horse hard.

  • (nodebb)

    Anyone with permissions to log in remotely to a production server should probably have permissions to reset the relevant service account passwords anyway.

  • Dave (unregistered) in reply to urkerab

    Yeah, I'm not seeing the WTF here. It's fine, as long as the only people who could log on to the server - which is a matter of the permissions set - already have access to those details. Might as well say it's not safe to use a password manager because anyone who knows the password you use for that will be able to see all your passwords.

  • Patrick (unregistered)

    Server 2008 ancient? Uhm, what? It certainly does its' job fine, and is still under extended support for something like two more years. At most it files under "yeah well, will upgrade a box now and then".

    We actually still have a few 2003's left. Now that is certainly showing its' age. (And a Windows XP box with 6 years uptime. Not touching that one!)

Leave a comment on “Credential Helper”

Log In or post as a guest

Replying to comment #:

« Return to Article