43 points

My company has a 6 month probation period. It also has a 6 month password expiry. Because of all the SSO nonsense, it’s quite possible for it to lapse without warning.

It’s now a running joke that get locked out on the last day of probation, and you’re expecting a call from HR any minute.

permalink
report
reply
-29 points

You might want to let your IT department that 6 months is a really long time

permalink
report
parent
reply
8 points

The current thinking as I understand it is expiry policies make most types of accounts less secure because users just cycle through the same predictable pattern of adding increasing numbers of exclamation points or incrementing the last digit at each required password change, and if you require new passwords to be too substantially dissimilar from x number of previous ones then users can’t remember them at all. Policies that make people use minimally complex passwords because they have too many to remember and don’t understand how password managers work inevitably increase password reuse between services and devices which does the opposite of improving security. Especially with MFA enforced, which I’ve been known to do as aggressively as I can get away with, there’s just no sense in requiring regular password resets – as long as the password remains complex, unique, and uncompromised. I’m not a network security expert but I am responsible for managing these sorts of things in my role and that’s the rationale I use for the group policies in a typical customer’s environment.

permalink
report
parent
reply
-2 points

You’re supposed to have controls in place to prevent all of those concerns. I’m not saying passwords should be changed every 30 days, but 6 months is a long time.

But, companies with password expirations should be providing a password manager.

permalink
report
parent
reply
94 points

Current IT best practice is that passwords should never expire on a set schedule, but they should expire if there is evidence they’ve been breached.

permalink
report
parent
reply
19 points

Legit, my old job required a 90-day change, and I once logged into a system I could do monetary damage on with ease, because I took a guess at my manager’s password based on how long it had been since he told it to me during an emergency.

He did what every single person I spoke to did. “password 01” changed to “password 02” and I just tried twice, and sure enough he had changed it three times since he had told me.

While I wouldn’t be ruining the company as a whole, I could have easily fucked over the individual location because scheduled password changes just ensure people use predictable passwords.

permalink
report
parent
reply
1 point

When is someone going to find a password but somehow be stopped because it expires in as many as six months? What is it mitigating?

permalink
report
parent
reply
17 points
1 point

I didn’t realize updating IA-5 was part of rev5. We haven’t gotten to the IA family yet in our rev5 hardening yet.

permalink
report
parent
reply
62 points

My dad has been a server engineer for a single company for my entire life and he lived like this up until quite recently. His fear oscillates in magnitude with the success of the industry the company is a part of course so it isn’t always severe but I remember every few years as a kid I’d hear him and my mother murmering about lay offs. These days he just jokes about it being an early retirement

permalink
report
reply
38 points

thank you for your input, sharkfucker420

permalink
report
parent
reply
16 points

Sharkfucker420 just knows what’s up.

permalink
report
parent
reply
13 points

rimjobsteve?

permalink
report
parent
reply
3 points

Yeah this post hit me different than was probably the intent. I’ve been expecting to get laid off for the past 6 months ago, initially it was fear, eventually it was desire. Didn’t happen though and I’ve since found a new job, but I would have welcomed it if it did.

permalink
report
parent
reply
1 point

Same

permalink
report
reply
4 points

I’m in this picture and I don’t like it

permalink
report
reply
6 points
*

Why this expression? This guy just needs to spent a year homeless on the beach or so, if being fired: https://www.businessinsider.com/chris-deering-playstation-sony-laid-off-staff-beach-uber-2024-9 It definitely isn’t greed on side of the CEO who earns millions for nothing while so many get fired, right? RIGHT?

permalink
report
reply
2 points

Paywall

permalink
report
parent
reply
4 points
*

An ex-Sony exec said laid-off employees should ‘go to the beach for a year’ or ‘drive an Uber’ Lian Kit Wee Sep 11, 2024, 7:15 AM MESZ

Chris Deering Sony Former Sony Entertainment president, Chris Deering, told recently laid-off employees to take a break for a year and wait for opportunities to return. Reuters

Ex-Sony Entertainment president Chris Deering said laid-off employees should take time off. Deering said that he doesn’t believe the recent Sony layoffs result from corporate greed. In February, Sony said it would lay off 900 employees from its PlayStation division.

Former Sony Computer Entertainment Europe president Chris Deering has a blunt message for recently laid-off game developers: They should “go to the beach for a year” or “drive an Uber” until the job market improves.

Deering, who led Sony’s European PlayStation division during the launch of the iconic game console and its successor, PlayStation 2, acknowledged the pain of Sony’s recent cuts.

The company said in February it would lay off about 900 people globally and close PlayStation Studios’ London studio, amid a slowing gaming market. Deering dismissed the notion that the layoffs were purely driven by corporate motives.

“I don’t think it’s fair to say that the resulting layoffs have been greed,” Deering said on journalist Simon Parkin’s “My Perfect Console” podcast. "I always tried to minimize the speed in which we added staff because I always knew there would be a cycle.

Fluctuations in consumer spending and recent games’ diminishing sales impact the company’s ability to “justify spending the money for the next game,” making some staffing cuts inevitable, said Deering.

Deering offered some unconventional advice for game developers affected by the layoffs. He suggested workers take time off or find temporary work, like driving for Uber, while the industry stabilizes.

“It’s like the pandemic,” Deering told Parkin. “You’re going to have to figure out how to get through it, drive an Uber, or whatever. Find a cheap place to live and go to the beach for a year.”

His remarks come at a time when layoffs have hit the gaming industry hard.

Other game developers, including Microsoft and Unity, have similarly downsized their studios this year, cutting over 3,000 jobs at the start of the year, BI reported in February.

This series of layoffs in the game industry stemmed from slumping game sales and a shrinking gaming demographic, BI previously reported. Revenue from video game sales in the US in 2023 fell by 2.3% from the previous year, and the average time spent gaming fell from 16.5 hours to 13 hours from 2021 to 2022. Related stories

However, Deering seemed optimistic about the prospects for game developers. He told Parkin that laid-off workers should take advantage of the time off to recharge but keep an eye out for any opportunities to return to the industry.

Game development skill is not going to “be a lifetime of poverty or limitation. It’s still where the action is,” said Deering.

Deering is currently an advisor for Cudo Ventures, a company specializing in monetization applications.

Sony Interactive Entertainment and Deering did not respond to a request for comment from BI sent outside business hours.

permalink
report
parent
reply

Programmer Humor

!programmerhumor@lemmy.ml

Create post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

  • Posts must be relevant to programming, programmers, or computer science.
  • No NSFW content.
  • Jokes must be in good taste. No hate speech, bigotry, etc.

Community stats

  • 4.3K

    Monthly active users

  • 945

    Posts

  • 10K

    Comments

Community moderators