Spam Prank

I live for April Fool’s Day. I make a vow each and every year to find a new way to mess with my coworkers. Sometimes it’s way too easy.

This isn’t strictly an April Fool’s prank, but I thought I’d share it.

Remember how I told you not to trust IT people? I’ve known some real skunks. Once upon a time, I discovered that the network guy had developed a habit of reading other people’s e-mails. It made him feel important. He’d peek at anything that looked private or important going to the CFO, the GM, the CEO, you name it.

Most people don’t realize that IT people tend to have the keys to everything. The smaller the IT staff at your company, the more power each of them have. Because of this, you really have to screen them for a code of ethics. Or in geek-speak, “With great power comes great responsibility.”

I knew he was reading my e-mails as well. I’d only been at the company for a few months, so there was nothing private to any of my correspondence. Still, I decided to teach him a lesson.

That afternoon, I heard him screaming from the next room, “Aaaah! Something’s wrong with the e-mail server!”

I strolled into the server room, just a casual onlooker, and said it seemed to be working just fine. He told me that it was flooding people with e-mails. I asked, “Are you sure? You don’t mean my account, do you? I was just testing it out by sending myself some messages.”

What I had done, in fact, was to whip up a quick & easy PHP code to send an e-mail to my account that said, “Reading other people’s e-mails is a fireable offense.”

Then, to drive the message home, I added a quick For-Next style counter to send this message 40,000 times in under a minute.

He spent most of the afternoon deleting this message from his inbox. (I’d thought ahead and wrote a quickie Applescript to do the dirty work for my own machine.)

Peep not lest ye be spammed.

**I debated posting the code here, and decided against it. Message me if you’d like a copy.**

4 Levels of Passwords

As an IT manager, I store other people’s passwords the way a more social person might remember birthdays or phone numbers. This affords me a bit of notoriety as a computer genius whenever the people I work with forget their passwords and have to call me to help them log in once again.

Truthfully, though, I know exactly why people have such a hard time remembering what passwords they’ve used – everything you do on a digital device these days requires you to enter a password and so many people fall into the trap of trying to create a new p.w. for everything.

Stop. I’m going to make your life much simpler.

You only need four passwords total. And you don’t have to compromise security to keep your sanity. Just follow my guidelines:

Level One – This is an extremely secure password that you will use only for financial purposes (online banking, Paypal, etc.).  Expend some effort coming up with something unique here, but keep it memorable, as you will never write this down or repeat it to anyone! But again, you only use it on the websites that pertain to money. If you ever suspect this has been compromised, immediately change this password everywhere you are using it – and change them all to the same new password.

Level Two – This password can be used for all the other sites that you care about security on. Definitely use this for other sites that store your credit card info (eBay, Amazon, School stores, Department stores), as they will be applying their own security to keeping your financial info hidden, but it is possible for someone with access to this account to make purchases. Whether you share this p.w. is up to you – personally, I share this one out with my immediate family.

I also recommend using this for any private e-mail accounts.

Social media is the tricky part. In my world, these call for a level 4 p.w., but that’s because my life won’t end if someone were to toss out a few Tweets under my account. If you must put your Facebook account in the Level 2 category, I won’t judge you.

Level Three – Anyone who needs a password for work or school should have a level two password. Your company will dictate how strong this one is and there will be people you’ll need to share it with. The important thing here is to resist the temptation to use one of your personal passwords.

I’ll give you a few good reasons not to do this:
1) You’ll just set yourself up for frustration when your company makes you alter your p.w. every year
2) You really shouldn’t trust the IT people you work with that much. I mean it – I’ve known some truly unscrupulous IT people who’ve made it a sport to hack into people’s personal information. |
3. And on behalf of the rest of us in the IT world, we’d rather you keep your work password separate so that we don’t have to worry about ruining your personal life if the company servers get compromised.

Level Four – Here we get to the throw-away password. Contrary to my earlier rules, go right ahead and use your middle name for this one. Why not? This one is for all the millions of sites, apps, etc. that hound you for a p.w. even though there is nothing you’ll enter that needs to be secured: free download sites, games, newspapers, libraries, the e-mail app that the weather channel offers …

Why do these freebie sites insist on plaguing us with passwords? I can’t fathom the answer, but we’ll no longer be their puppets, will we? Give them your go-to password and you’ll never need to think about it again.

Password Studies

I collect passwords. After 20-some years in IT, I am fascinated by the passwords people choose.

Contrary to most mystery novels who use this device, people almost never have the password written on their desk. But if you know a few details about them, it’s not a leap to figure out what they’ve used.

A few things I’ve observed over the years:

  • The higher up a manager is on the chain, the more likely he is to use “abc123” as a password. I’m not sure what it is about being a CEO that makes it impossible to draft a basic pw, but that seems to be the standard. “Password” is another that they all think is clever.
  • Moms – especially single moms – tend to use one of their children’s names plus a birthdate. This is actually a pretty decent pw, as most people outside your family won’t know your kids’ birthdates. Just remember if you use this not to write the name & date on your wall calendar.
  • Guys frequently use their favorite sports figure’s name and number, like Bonds25 or Marino13. This will get you as far as the first casual Friday where you show up in the jersey.
  • It’s just absurd how many people use their own last name as a password. People, that’s not even trying, even when you get clever and spell it backward.
  • Likewise for people who use their street name and address. This is literally the easiest thing for people to find out about you before trying to steal your identity.
  • Pets are very common. There’s nothing wrong with this one unless you mention the cat by name at every opportunity.

I’d estimate that 80% of the passwords I’ve input for people over the years fall into one of the above categories. This is why when I meet someone new who has come up with something new and clever, I get the urge to call up every IT manager I know to tell them that there’s something new on the pike.

I don’t make that call, of course. Every IT shlub you know already has so many passwords floating around his head that adding more just for conversation’s sake is almost cruel.

When Yahoo! Began

This is one of those sentences that makes me sound like an old geezer, but … Back in my day, Yahoo! was only a few dozen pages.

Yep, back in the mid-90s there was no Google, no Bing. Before they came around, Yahoo! and AOL were the starting point for anything on the internet. And before Yahoo! got to be a household name, we had to remember it as an acronym: Yet Another Hierarchical Organizational Operation.  (There were a lot of failed attempts at web directories before these guys came around.)

I clearly remember the first time I sat down before yahoo.com.  All text, grouped into simple categories. Under “Entertainment,” I clicked on “TV Shows” and was taken to another single page of categories. From there, I clicked “Cartoons” and hit the jackpot – a list of websites so long I actually had to scroll down the page, slightly. They had one link for each show that was listed and I remember thinking it was going to take me all year to traverse the ‘net from beginning to end.

OK, go ahead an laugh. I honestly didn’t think it would take off beyond much us computer nerds.

There is a lesson to be learned here, though. I’ve been building websites since the early 90s and I can tell you the hardest step for everyone is condensing what they want to say. In the early years, the struggle was convincing people that they needed a website; after that, it’s a matter of helping them figure out what they want.

When someone starts visualizing a website these days, they picture all the goodies: videos, interactive chats, amazing graphics, online shopping carts, you name it. All of these features are amazing and yes, worth doing eventually. But I give you now the advice I dispense to everyone wanting to start a new website:

Start with 3 basic pages. Sure, that sounds boring, but you won’t believe how much effort it will take you to get these 3 basics together; after this, adding to it is the easy part.

All you need to do in the beginning is to tell the world 1) Who you are and what you do, 2) How to contact you, and 3) Why they should bother.

Three pages. Trust me. After you’ve got them in place, you can bedazzle it as much as you want. Take a look at Yahoo! today. They’ve never stopped expanding.