microsoft office password crap (rant)

[murphey]

I have 3 MS Offce emails. #1 is my university account, used only when I'm teaching.
#2 is my work account, I check in maybe once a week.
#3 is my CAP account. I use that maybe 2-3 times a year (need to get to Sharepoint).

Every time I log into outlook, it takes me to my work account. No matter how many times I click on "Log Out", every time I go back, I'm at the work account. Close the browser. Doesn't matter. Just can't get back to that other account.

I hate microsoft.

Today, I need to get into my CAP account. Can't get there from here. So, I log into my university account then log out, which takes me to the MS screen with "Pick An Account". Yaa! Now I can log into the CAP account. Nope - doesn't give me the option to enter a different email address/account.

Fortunately, I have the #3 Sharepoint link saved, so I go there. And the MS Sign In page appears.

Still not at the sharepoint page. Finally get there, and every time I move to a different folder, it wan't my *&^&*^%*()(T^& password again.

 

[midlifeflyer]

Use a different browser to avoid the cookies pushing into one account.

 

[Justin M]

Use a different browser to avoid the cookies pushing into one account.

A lot of systems require edge to work with MS Office online. Instead you could use a private session.

 

[wsuffa]

Oh yeah, I hear you. I have 2 business accounts (IMAP) set up on Outllok. Client wanted me also to access an email account on his Exchange server. It's a third, less frequently used account. It completely took over Outlook as the primary account with no way to restore my own business account as primary. Worse, it changed all the preferences and settings for all the accounts. It did a few other bad things, too. I promptly deleted and removed that account from my desktop Outlook and spent half a day restoring things.

A lot of four letter words were uttered.

I now have that account on my iPhone and Outlook on my MacBook (which was unused since an earlier gig because outlook doesn't interface natively to an IMAP calendar or contact but Mac mail program does, and that meets my needs for the MacBook). If I get an email on that account, it hits my iPhone and I can go into OWA or access it on my MacBook. This proprietary "Exchange takes over regardless of what the user wants" bulls*** really needs to end.

 

[baboss]

Right click the shortcut to your browser and open a tab in private or incognito mode.

 

[Spring Ford]

Right click the shortcut to your browser and open a tab in private or incognito mode.

Private/Incognito mode sounds good. Also, any browser weirdness at all, clear the browser cache.

 

[Clip4]

I have had it with passwords.

 

[JOhnH]

I had the same problem with Yahoo mail. It works ok with DuckDuckGo. I could probably use other browsers if I wanted to clear my cookies and cache all the time, but I don't.

 

[murphey]

I CAN'T STAND IT ANYMORE!!!! I go to MS website for Outlook. I enter username & password for account #3 but it takes me to account #2!

 

[JOhnH]

I CAN'T STAND IT ANYMORE!!!! I go to MS website for Outlook. I enter username & password for account #3 but it takes me to account #2!

Have you tried it in an incognito or private window? Or duckduckgo?

 

[chartbundle]

I use different browsers or different profiles in the browser, I know Chrome has an option under the user picture in the upper right. Firefox has an "aboutrofiles" page to do similar.

 

[Kevin Eggert]

I have had it with passwords.

Agreed! Please include Capital Letters, Lowercase Letters, Numbers, Special Characters, etc., etc. Must not include any portion of your name, social security number, phone number, address, any connection to a real word, or any arrangement that could possibly be remembered without writing it down on a post-it and sticking it on the side of my computer screen. If I want my password to be "1234" or "password", that should be my business. It's my security and if I don't care that someone can access my online account for the fruit of the month club, why should anyone else give a damn. There are a few of my accounts that I don't go to often where I have reset my password every time I go there. It is ridiculous.

 

[gkainz]

Password: ThisIsMyDamn5thF*ingPassword!
Password incorrect
Password: ThisIsMyDamn5thF*ingPassword!
Password incorrect
Password: ThisIsMyDamn5thF*ingPassword!

Click "Forgot Password"

Set new password: ThisIsMyDamn5thF*ingPassword!

"That password is already in use. Please enter a new password"

 

[murphey]

Agreed! Please include Capital Letters, Lowercase Letters, Numbers, Special Characters, etc., etc. Must not include any portion of your name, social security number, phone number, address, any connection to a real word, or any arrangement that could possibly be remembered without writing it down on a post-it and sticking it on the side of my computer screen. If I want my password to be "1234" or "password", that should be my business. It's my security and if I don't care that someone can access my online account for the fruit of the month club, why should anyone else give a damn. There are a few of my accounts that I don't go to often where I have reset my password every time I go there. It is ridiculous.

Very true....password crackers are sophisticated and work on the ASCII code, at least the ones I make my students write. At the moment my list of passwords (account/username/password) takes 12 pages, excel spreadsheet, 10 pt font. File is on a thumb drive that is updated on a computer that is not on the internet, and stored in my fire box (along with the DVD of all the log books). Printed version is on the table next to my desk.

Yes, I'm paranoid.

 

[JOhnH]

Very true....password crackers are sophisticated and work on the ASCII code, at least the ones I make my students write. At the moment my list of passwords (account/username/password) takes 12 pages, excel spreadsheet, 10 pt font. File is on a thumb drive that is updated on a computer that is not on the internet, and stored in my fire box (along with the DVD of all the log books). Printed version is on the table next to my desk.

Yes, I'm paranoid.

You aren't that paranoid if the printed version is on a table near your desk.

My biggest gripe with passwords is that you have to make them so complicated and change them to something different all the time making it necessary to write them down. Stealing that list is one of the easiest way to destroy a persons life.

 

[wsuffa]

Shortly after 10 a.m., the D.C. Health Department tweeted that all online appointments had been booked.

The online appointments that were made available today are now booked.

We know this morning was very frustrating for many people. We are working with Microsoft to understand why heavy traffic caused some eligible individuals to not get through.

— DC Health (@_DCHealth) February 25, 2021

https://wtop.com/coronavirus/2021/02/technical-issues-hamper-dc-vaccine-registration/

 

[Bob Noel]

I'll take Completely Unrelated to the Thread for 200...

(just having fun, not looking to be particularly snarky)

 

[murphey]

You aren't that paranoid if the printed version is on a table near your desk.

My biggest gripe with passwords is that you have to make them so complicated and change them to something different all the time making it necessary to write them down. Stealing that list is one of the easiest way to destroy a persons life.

Ok, come get the list and destroy my life. The two most important accounts are not written down anywhere - my bank account and my primary brokerage account. If you want my Coinbase account, be my guest. It has a total of 0.04793611 bitcoin in it. It's linked to a bank that only has $890 in it, and that bank is not my primary bank.

Here are a smattering of accounts:

• 7 different universities (including mine) - why 7? These days, in order to write letters of recommendations for grad school, you must have an account at that university to use the Letter of Recommendation app.
  
• FAA IACRA
• FAA MedXPress
• Aeroshell
• Auraria Campus Parking (3 universities share the campus, and the 4th entity "owns" the parking lots so if I want a parking permit...)
• Aircraft Spruce
• AngelFlight West
• The IMEI and MAC address of every electronic device (phone, tablets, computers, modems, routers, etc)
• Various medical and health agencies in order to make appointments
• Costco.com
• Denver Center for the Performing Arts - reserve and pay for theatre tickets - someday again, I hope.
• Express Toll on the highway out here
• My dog's facebook and twitter accounts (I have neither)
• My gym lock (the combo)

It never stops. Everything has gone online. I hate it.

I have one credit card that never leaves the house and is used only for online purchases.
Told you I was paranoid.

I've been considering a password manager but too lazy to set it up right now.

Update: that paper spreadsheet never leaves the house...WFH. That’s why when I’m not at home I can’t log into much of anything....left my brains at home.

 

[gkainz]

I finally hit the wall of password overload a couple of years ago and set up LastPass ... was a toss-up between it and KeePass or 1Password, I think.

 

[Everskyward]

I've used 1Password for quite a while. Funny that I still get junk email telling me that they know my password is ********* when I haven't used it in a long time. Looks like I have 439 different login items!

 

[murphey]

I've used 1Password for quite a while. Funny that I still get junk email telling me that they know my password is ********* when I haven't used it in a long time. Looks like I have 439 different login items!

Heard an interview last week that most people have an average of 100 logins.

 

[Everskyward]

Heard an interview last week that most people have an average of 100 logins.

Then I'm way above average!

 

[Spring Ford]

I finally hit the wall of password overload a couple of years ago and set up LastPass ... was a toss-up between it and KeePass or 1Password, I think.

Lastpass are apparently selling everything they know about you to google, well presumably apart from the actual passwords.

Someone sensible seems to recommend 1Password.
https://twitter.com/dhh/status/1364860503508582407

German but I used google translate.
https://golem.de/news/sicherheit-lastpass-nimm-die-tracker-aus-dem-passwortmanager-2102-154432.html

 

[wsuffa]

Lastpass are apparently selling everything they know about you to google, well presumably apart from the actual passwords.

Someone sensible seems to recommend 1Password.
https://twitter.com/dhh/status/1364860503508582407

German but I used google translate.
https://golem.de/news/sicherheit-lastpass-nimm-die-tracker-aus-dem-passwortmanager-2102-154432.html

Lastpass is now owned by LogMeIn - the result was higher prices, less customer service, and more bugs.

Dashlane seems to be the best but is pricy.

 

[RussR]

Stealing that list is one of the easiest way to destroy a persons life.

While that would be true, I'm not especially concerned about the risk of identity theft from my list of passwords on my desk. The main reason is that I can't believe there's a whole lot of crossover between criminals would break into houses, and criminals who hack passwords. The people breaking into your house are going to steal your money, jewelry, TV, whatever, and get out of there in the minimum time possible, not snoop around looking for password lists. So while I might not have the list taped to my computer (that they might steal), having it in a desk drawer seems just fine to me.

 

[TailWheelChamp]

Agreed! Please include Capital Letters, Lowercase Letters, Numbers, Special Characters, etc., etc. Must not include any portion of your name, social security number, phone number, address, any connection to a real word, or any arrangement that could possibly be remembered without writing it down on a post-it and sticking it on the side of my computer screen. If I want my password to be "1234" or "password", that should be my business. It's my security and if I don't care that someone can access my online account for the fruit of the month club, why should anyone else give a damn. There are a few of my accounts that I don't go to often where I have reset my password every time I go there. It is ridiculous.

Billy Bob's Iowa redneck password tip of the day...not saying it's worth anything.

Pick a name, any name except your own or that of a pet or spouse or child. Maybe an obscure nickname that you had in grade school. A name that no one but you know or remember. Or just pick a random name out of the blue.

Combine that name (in the possessive form) with the name or function of the site you're logging into.

So, say my grade school nickname was Weirdo and the site is PilotsOfAmerica. My password would Be Weirdo'sPOA. Except: I replace the possessive "s" with a "$" so this satisfies the requirement of a symbol (and I always drop the possessive apostrophe). And I replace all vowels with the numbers that look most like them (except "U" since no number looks like "U"). i.e. AEIOUY become 4310U7

Therefore, Weirdo'sPOA becomes W31rd0$P04

Weirdo'sBankOfAmerica becomes W31rd0$B4nk0f$m3r1ca or if you want to simplify it then just Weirdo'sBanking...W31rd0$B4nk1ng.

Every site is unique and can be remembered without a cheat sheet. I change them all once a year...I simply pick a new nickname or made up name but still use the same reference for the site. My cheat sheet is simply a password protected excel spreadsheet list of all the sites along with my user name for each (user name is the thing I can't remember sometimes) but with no passwords since they're easy to remember. I currently have 81 in the spreadsheet.

 

[denverpilot]

Lastpass nerfed their free version this week. I guess running without a profit will do that. Inevitable considering who purchased them. Gotta make back that purchase price...

Bitwarden looks like it’s the new hotness.

And @murphey my password vault for me has over 300 and the sysadmin vault at work has 500+. LOL.

In the very very rare occasion someone has to type a password in front of me and they get paranoid about it, I just laugh and tell them I could care less. I have the password that sets passwords for the whole company. The last thing I need is yours.

That said, two other people are notified instantly any time I use it. It’s encrypted and 2FA is required to get it.

 

[JOhnH]

While that would be true, I'm not especially concerned about the risk of identity theft from my list of passwords on my desk. The main reason is that I can't believe there's a whole lot of crossover between criminals would break into houses, and criminals who hack passwords. The people breaking into your house are going to steal your money, jewelry, TV, whatever, and get out of there in the minimum time possible, not snoop around looking for password lists. So while I might not have the list taped to my computer (that they might steal), having it in a desk drawer seems just fine to me.

You do have a point. At home. My reference comes from my time working in a large corporate setting. Those people always wrote down their passwords. No matter how much we told them to protect their passwords, they wrote them down and left them on their desk or in their top drawer or taped to their phone. One time one of the operations managers left a sticky with his password stuck on his monitor. I used it to access his account and wrote a little loop so that as soon as he signed on he got a message: "Your password has been compromised. Call Tech Support immediately". Then it locked his terminal submitted a background process that redirected output to his screen:
"deleting"
"deleting"
"deleting"

No matter what he did he couldn't get it to stop scrolling and deleting. He was practically crying when he called TS.

 

[denverpilot]

You do have a point. At home. My reference comes from my time working in a large corporate setting. Those people always wrote down their passwords. No matter how much we told them to protect their passwords, they wrote them down and left them on their desk or in their top drawer or taped to their phone. One time one of the operations managers left a sticky with his password stuck on his monitor. I used it to access his account and wrote a little loop so that as soon as he signed on he got a message: "Your password has been compromised. Call Tech Support immediately". Then it locked his terminal submitted a background process that redirected output to his screen:
"deleting"
"deleting"
"deleting"

No matter what he did he couldn't get it to stop scrolling and deleting. He was practically crying when he called TS.

You’ve just described why I just finished a customer meeting where we will be forced to use MFA and SMS based MFA no longer qualifies... by the end of this year. On everything.

No token. No loggy inny. No makey money.

Passwords are going away anywhere the systems will do token based access. Anything that uses a password will be listed as a security threat and will get eventually replaced.

Flip side is, customer will be paying for it one way or another. Won’t be cheap.

 

[wsuffa]

Lastpass nerfed their free version this week. I guess running without a profit will do that. Inevitable considering who purchased them. Gotta make back that purchase price...

Bitwarden looks like it’s the new hotness.

And @murphey my password vault for me has over 300 and the sysadmin vault at work has 500+. LOL.

In the very very rare occasion someone has to type a password in front of me and they get paranoid about it, I just laugh and tell them I could care less. I have the password that sets passwords for the whole company. The last thing I need is yours.

That said, two other people are notified instantly any time I use it. It’s encrypted and 2FA is required to get it.

I very recently dumped Lastpass. Had it for a long time - back when it was good before the big, bad internet company bought them. A long bunch of atrocities, but the last straw was elimination of multi-year plans. Cost for switching: very low. On a 3 year plan with another provider that has a couple of nice features that LP didn't and likely won't.

It's one thing to be on a free plan and get **** customer service, it's a whole 'nother kettle of fish when you're paying for it.

 

[Hang 4]

I very recently dumped Lastpass. Had it for a long time - back when it was good before the big, bad internet company bought them. A long bunch of atrocities, but the last straw was elimination of multi-year plans. Cost for switching: very low. On a 3 year plan with another provider that has a couple of nice features that LP didn't and likely won't.

It's one thing to be on a free plan and get **** customer service, it's a whole 'nother kettle of fish when you're paying for it.

How did you transfer all your passwords?

 

[wsuffa]

How did you transfer all your passwords?

The new manager had an import function and Lastpass has a CSV export. Easy peasy.

 

[flyingron]

I gave up on Outlook (even though I kept the other office apps). I use eMClient on both MAC and PC now.

 

[denverpilot]

I gave up on Outlook (even though I kept the other office apps). I use eMClient on both MAC and PC now.

emClient is excellent. Super responsive to issues too. Well worth the license.

 

[JOhnH]

I very recently dumped Lastpass. Had it for a long time - back when it was good before the big, bad internet company bought them. A long bunch of atrocities, but the last straw was elimination of multi-year plans. Cost for switching: very low. On a 3 year plan with another provider that has a couple of nice features that LP didn't and likely won't.

It's one thing to be on a free plan and get **** customer service, it's a whole 'nother kettle of fish when you're paying for it.

May I ask who you switched to?

 

[kayoh190]

emClient is excellent. Super responsive to issues too. Well worth the license.

Wait a minute - you said something *positive* about something! Usually the best you do is "it doesn't suck quite as much as the other complete garbage".