It's similar in IT. Almost no one recommends regular password changes anymore, but we won't pass our audit if we don't require password changes every 90 days.
this post was submitted on 03 Jul 2023
269 points (98.9% liked)
Science Memes
9989 readers
2001 users here now
Welcome to c/science_memes @ Mander.xyz!
A place for majestic STEMLORD peacocking, as well as memes about the realities of working in a lab.
Rules
- Don't throw mud. Behave like an intellectual and remember the human.
- Keep it rooted (on topic).
- No spam.
- Infographics welcome, get schooled.
Sister Communities
Science and Research
Biology and Life Sciences
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- !reptiles and [email protected]
Physical Sciences
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
Humanities and Social Sciences
Practical and Applied Sciences
- !exercise-and [email protected]
- [email protected]
- !self [email protected]
- [email protected]
- [email protected]
- [email protected]
Memes
Miscellaneous
founded 2 years ago
MODERATORS
Same vibe as management buying Oracle products because it's "trustworthy".
When we first switched to JD Edwards, it still sent the passwords in plain text, and our Oracle partner set up our weblogic instances over http instead of https.
I had to prove I could steal passwords as just a local admin on a workstation before they made encrypting the traffic a priority.
A very non-techy relative works in a company that requires password changes every month. At this point his passwords are just extremely easy to guess and basically go like 123aBc+ and variations of it.
Yeah, no clue how that caught traction.
Our IT department won't allow password managers. Their current stance on what we should do instead is "Uh, we're working on it". So everyone at work uses weak passwords and writes them down in notepad. headdesk
"We recommend updating your password every 90 days!"
Why, you haven't lost it recently, have you?
I never understood why this caught on, you even see it recommended for personal applications... which is just stupid. The only reason it existed in the first place is because of concerns of shoulder lookers.
the only way this gets fixed is when the audits say to follow NIST recommendations.
Oof, ouch, right in the psychology degree :(
This one does hit a bit close to home, yeah...
Don't know if this is the intended reference, but this pretty much perfectly describes why we use the Polygraph. As covered (and better explained than I can myself) on Adam Ruins Everything https://youtu.be/nyDMoGjKvNk
I feel this in my bones as an anthropologist when it comes to semi-structured interviews, which frankly have very little to do with anthropological inquiry but have nonetheless become a rote methodology.
👀 lookin' at you, alpha=.05
The history of IQ-tests...
It makes me wonder if we can create AIs that behave close enough to humans by adding an additional neurological baseline noise to the LLM training. Then throwing it in simulations to see whether social sciences might work. I'd be curious to see how true to life something like that would be as well.
A while ago, some researchers designed a game where chatGPT was assigned to characters and told to act and live like humans. It was interesting to watch. https://www.iflscience.com/stanford-scientists-put-chatgpt-into-video-game-characters-and-its-incredible-68434
view more: next ›