Went to unlock my computer.

Typed in password but screen didn't turn back on. Typed in password again.

Screen turned on and I see that I’ve typed my password into the company Slack general chat.

Fuck.

@tinker Is it ok to laugh?

Because I am restraining so hard right now, it is painful.

@arcans - Laugh. Please. I feel so ashamed I need to know someone is getting humor out of it.

@tinker @arcans

I'm just glad to know someone else has done dumb things like this before. :)

@tinker Thanks! I surely am. I enjoyed the stories you told on the Purple Squad Security and Darknet Diaries podcasts a lot, so you making a silly mistake like that is both humorous and a reminder that pros do silly stuff too, which is also kinda reassuring for someone uneducated in that field like myself!

@tinker

The solution? Make all of your passwords sound like innocuous messages you'd send to slack anyway.

Email password: Hey, who's going to be in on Monday?

Laptop password: Does anyone have that pricing sheet?

Etc.

@jeffalyanak @tinker don't forget to include:

2 numbers
2 special characters

(etc.)

(joking)

@kai @jeffalyanak @tinker

> The solution? Make all of your passwords sound like innocuous messages you'd send to slack anyway. Email password: Hey, who's going to be in on Monday?

> don't forget to include: 2 numbers
> 2 special characters (etc.) (joking)

"Who wants 2 get Tacos 2nite?!"

(… and now I hate myself, just a little)

@tinker

Another reason for changing passwords like diapers.

@tinker I forgot the password to my Plex server, can I borrow yours?

@tinker

tbh this feels like a bug against the screen lock or something

@deejoe - Think it might also be my monitor. Sometimes it just doesn't know that there's a signal.

@tinker that's why you don't type your password if you can't see where you type it into 😉

@lx - I feel like this is a broader life lesson 😂

@tinker All my unlock passwords are sentences. For literally this reason.

They're usually Ekko quotes, though. That might make them easy to brute force.

@tinker obtw, there's PAM modules for Yubikey+PIN.

They exist for GINA too, but I'm bad@windows.

Haha!! I did that except it was just to our testing team. I had a password scheme set up, and had to completely scrap it. :(

@tinker

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.