On the weekends, it was routine for me to hop on my bike once my chores were done and just take off. The rule was just had to be home by dinner time, or call from whichever friends house I was at if I couldn’t make it back in time. No cell phones.

Thanks, I’m usually better about that. Fixed in my comment as well.

https://youtu.be/5rQklSmI_F0

Enterprise https://en.m.wikipedia.org/wiki/Star_Trek:_Enterprise

I think you’re the first person I’ve seen correctly attribute this to the New Yorker instead of a 4chan green text or copy pasta.

My sister’s gateway was the Disney Pocahontas movie. She would have been around seven or eight when it was released in theaters. She fell in love with the story and the characters, knew all the songs etc… and so she wanted to learn more. So then she got real history books about the time period and biographies of Pocahontas.

And that’s when she learned grown-up’s lie.

I also really enjoy it!

Lately I google for someone that should give me a direct, exact result. First five links are fucking paid ads.

Well that just solved the question of “what should I watch tonight?”

deleted by creator

For anyone unfamiliar with the source.

https://archive.org/stream/i-have-no-mouth-and-i-must-scream_202202/I Have No Mouth And I Must Scream_djvu.txt

What you want is NIST 800-63b https://pages.nist.gov/800-63-3/sp800-63b.html#memsecret

Specifically sections 5.1.1.1 and 5.1.1.2.

Excerpt from 5.1.1.2 pertaining to complexity and rotation requirements:

Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

Appendix A of the document contains their reasoning for changing from the previous common wisdom.

The tl;dr of their changes boil down to length is more important than any other factor when it comes to password security.

Edit to add:

In my personal opinion, organizations should be trying to move away from passwords as much as possible. If your IT team seems to think this system is so important that they need to rotate passwords every month, they should probably be transitioning to hardware security tokens, passkeys, or worst case, password with non-sms MFA.

Now I know nothing about the actual circumstances and I know there are plenty of reasons why that may not be possible in this specific case, but I’d feel remiss if I didn’t mention it.

Any organization still doing this is a decade behind best practices. NIST published new recommendations years ago that specified getting rid of the practice of regular forced password resets specifically because they encourage bad practices that make passwords weaker.

Of course it doesn’t help that there are some industry compliance standards that have refused to update their requirements, but I don’t know of any that would require monthly password changes.

They actually have a fairly comprehensive training program setup through their “University.” They also mix in foreign contractors, usually from China.

I almost did before the outage. Their pay was pretty low compared to similar positions at other companies though.

Nope, it was Gmail and I know it’s the correct account because I have other emails regarding that account going back a few years including confirmations and a password reset.

I did check spam at the time. I really tried to give them the benefit of the doubt but all I can figure is my account slipped through some weird crack. It’s likely I never would have even known if it weren’t for my kid asking me one day if we could play together.

I did check that at the time as well. Nothing was there.

Doubt all you like. I checked multiple times after opening a ticket to make sure I hadn’t missed something. I would actually be a lot less annoyed with them if I had.

I did. Unfortunately the chain ended with repeated canned responses to me that the grace period had ended and the only way I could get access again was to repurchase the game.

So did most of my friends, but I checked multiple times and confirmed that I had nothing. I would have been a lot less annoyed with them if I had received an email and missed or ignored it. For whatever reason, the notifications never made it to me.