Whats your use case for the NAS? Mine is a media library and anything over USB would really suck. But I have a oldish TerraStation running a modified version of debian for my NAS. It’d probably be easiest using an old desktop and just throwing whatever debian stable is on it.

Abolish Mondays

Do you work directly with the average user? They aren’t locking this in their desk drawers when they need it to login. This is getting left on someone’s desk 100%

Good thing we all have phones with cameras, and there are 2 hours worth of codes printed here.

Yeah and the first thing a pentester is doing is snapping a shot of that as they walk by. Its not taking long. Theres at least an hour that we can see in this screenshot. That is enough time.

Something you know, this paper will quickly become something everyone knows the minute the weakest link in your company security pipeline gets a hold of one.

You are not wrong. Everyone is scared. Idk where all the guns went that are supposedly in this country.

Its passed time to be on site.

Like, you know the executives make the decisions and either backed or made this promo?

It feels like fifteen tons to login anywhere in the modern day.

I wish hardware tokens or something were more prevalent or anything that doesn’t require me to visit 2 separate pages (login then 2fa) to login everytime. All the services I use at work timeout at ~15 minutes and it can be a slog. Software authenticators are convenient to keep track of but theres got to be a better way.

I believe most passwords are brute forced or phished nowadays, so unless you have some password manager changing your passwords every hour or so the password is probably pretty moot if the employee has to set it.

There are purposed 2FA devices that aren’t your phone. Leaving one of those laying around is about the same security level as leaving these papers is what that says. Either way that sounds like ass to deal with regardless of how secure it is. Give me Aegis or give me death.

The fucking hotel moguls are not the same as the workers of Nevada.

Most 2FA is software on someone’s phone, like Microsoft Authenticator. Its not different from leaving a device. It is very different from leaving your phone.

You know employees are taping this to their cubicle lol all it would take is some white hat grabbing it off your desk before you all have to do special training from IT

It does. If you were to lose this paper while it were active any hacker could access your account. At least your phone has a PIN or pattern they also have to guess. This is just waiting there to be social engineered away from you (if it were still active, which good thing its not)

Lmao how many of them wanted the fashy in office? Probably most

So Google ate the domain and now you cant use it to make a gmail alias? Why did Google take the domain? So close yet so infinitely far