I did that because 2 minute screen lock plus crazy long password requirements made working hell. The alternative was going to be an arduino usb hid device that typed the password when a button was pressed.
Having unrealistic, bad security rules are counterproductive.
My prior job logged everyone (employees and customers alike) out of the portal after 5 min of inactivity, but uploads to the site often took much longer than that, to say nothing of checking things over, so half the support contacts we got were whining about the timeout, and the only thing I had to say to the people complaining was “yeah man, we have the timeout too, and have to use the site on and off all day, year round, not just for three days a year… I totally agree with you, it doesn’t help, but even our dummy data on test accounts is subject to those rules, so I can’t help you…”
Instead, I learned the site inside and out by memory (I built the knowledge bases for everything, as a result) and sent the security team every article I could find about how short timeouts were bad for SaaS security because they make people use less secure passwords and skip mfa.
And it gives you electric shocks when you’re unproductive. What is productive or not is judged by an AI that us entirely inadequate for the task, so everybody gets random shocks.
I was at a company once where they had this. They used a pin for the pc and the smartcard was used everywhere… opening doors to get to the toilet, paying for lunch.
Employees said it was excellent, as you could not really forget it cause corridor separators had badge locks… so you can’t get anywhere without the card. and once you pull it from the key oards built in reader, the pc locked.
Yeah, I worked in a secure facility that did this and it felt both secure and reasonable. I just kept my card on a lanyard to my belt so I literally couldn’t walk away without pulling the card.
I remember surge strips that had infrared sensors to see if there was someone at the desk. Easy way to power off the old CRT monitors and save energy if away.
One job I had also had a 2min lockout. My solution was to let a really long YT video play in fullscreen when I left the laptop. That prevented the lockout.
Thanks to whoever uploaded a 10h loop of the Nyan cat song, you are a hero.
I did that because 2 minute screen lock plus crazy long password requirements made working hell. The alternative was going to be an arduino usb hid device that typed the password when a button was pressed.
Having unrealistic, bad security rules are counterproductive.
Are you fucking kidding me? That’s ridiculous.
My prior job logged everyone (employees and customers alike) out of the portal after 5 min of inactivity, but uploads to the site often took much longer than that, to say nothing of checking things over, so half the support contacts we got were whining about the timeout, and the only thing I had to say to the people complaining was “yeah man, we have the timeout too, and have to use the site on and off all day, year round, not just for three days a year… I totally agree with you, it doesn’t help, but even our dummy data on test accounts is subject to those rules, so I can’t help you…”
Instead, I learned the site inside and out by memory (I built the knowledge bases for everything, as a result) and sent the security team every article I could find about how short timeouts were bad for SaaS security because they make people use less secure passwords and skip mfa.
I’m a little surprised that I’ve never seen bluetooth pressure switches in office chairs to lock workstations when the employee stands up.
Because clearly you need more meddling in your workflow for the sake of security theater.
Pressure plate? Obviously it should be a chair mounted butt plug that locks the screen when removed from anus.
And it gives you electric shocks when you’re unproductive. What is productive or not is judged by an AI that us entirely inadequate for the task, so everybody gets random shocks.
And at some point you start enjoying them.
Unless managent has approved your butt leaving the seat…
Or a smartcard based login where you could just remove the card
I was at a company once where they had this. They used a pin for the pc and the smartcard was used everywhere… opening doors to get to the toilet, paying for lunch.
Employees said it was excellent, as you could not really forget it cause corridor separators had badge locks… so you can’t get anywhere without the card. and once you pull it from the key oards built in reader, the pc locked.
Yeah, I worked in a secure facility that did this and it felt both secure and reasonable. I just kept my card on a lanyard to my belt so I literally couldn’t walk away without pulling the card.
I remember surge strips that had infrared sensors to see if there was someone at the desk. Easy way to power off the old CRT monitors and save energy if away.
One job I had also had a 2min lockout. My solution was to let a really long YT video play in fullscreen when I left the laptop. That prevented the lockout.
Thanks to whoever uploaded a 10h loop of the Nyan cat song, you are a hero.
I think passphrases would work great in that case.