Name game

Credit to Author: Sharky| Date: Fri, 25 Oct 2019 03:00:00 -0700

This pilot fish builds a lot of Linux systems that have to be compliant with U.S. Department of Defense/Defense Information Systems Agency STIG security requirements, but he tries to lessen the pain by assigning root passwords that are secure but easily remembered. Naturally, he sends them to the owner via encrypted email.

When the Nvidia driver in one of those machines gets corrupted after the system goes down hard in a power outage, fish needs root access to reinstall the driver. Unfortunately, the user of that machine (who, just incidentally, had ignored the warnings about that planned power outage) has no recollection of the root password, and he can’t get it from his email. Why? He has uninstalled all his old encryption certs, so older encrypted emails can no longer be decrypted.

No big deal if fish can just do a search through his own sent emails, but he can’t, so he has to boot off DVD to get in. In short, fish is not having a great time of it, but he tries to remain gracious to the end, only grumbling and muttering to himself and not to the user.

In the end, of course, fish has to issue a new password to the user. User has a long, unusual name, which we won’t reveal; let’s just say it’s as difficult to spell as Ndamukong. Fish figures it’s suitable as the basis of a password, and no one forgets their own name. So he types the password on the screen: Ndamukong1234**.

Says the user: “That is very complicated, I’ll have to write it down.”

Write down your true tales of IT life and send them to Sharky at sharky@computerworld.com. You can also subscribe to the Daily Shark Newsletter.

http://www.computerworld.com/category/security/index.rss

Leave a Reply