IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Security Forum / It doesn't even make sense
Post #426,875
by scoenye
12/22/18 9:01:45 PM
12/22/18 9:01:45 PM
Reply
New It doesn't even make sense
I can't think of any legitimate reason why one would need the user passwords to shift services providers. (My guess: they're planning on setting up the new AD service with the same passwords as the old one, but that is indeed just not done.)
If that was IT guys original idea, then it is time to find another one. However, if IT guys is also just another contractor, I wouldn't discount strongarming on part of the head of the firm.

And I agree with the others: it is CYA time.
Post #426,879
by boxley
12/22/18 10:04:42 PM
12/22/18 10:04:42 PM
Reply
New Should be a 2 factor anyway
Dunno how it is done in AD but in nix you can usually copy the encrypted passwords over and it will usually work
"Science is the belief in the ignorance of the experts" – Richard Feynman
     *Really* bad internet hygiene - (rcareaga) - (6) - Dec. 22, 2018, 05:19:44 PM EST
         have her call both the head of the firm and with the IT guy. - (lincoln) - Dec. 22, 2018, 06:13:43 PM EST
         as noted above, get it on the phone and in email - (boxley) - Dec. 22, 2018, 07:14:45 PM EST
         Yeah, it's that bad - (drook) - Dec. 22, 2018, 07:36:23 PM EST
         It doesn't even make sense - (scoenye) - (1) - Dec. 22, 2018, 09:01:45 PM EST
             Should be a 2 factor anyway - (boxley) - Dec. 22, 2018, 10:04:42 PM EST
         Yeah, that's bad. - (static) - Dec. 22, 2018, 10:33:53 PM EST

And so on, and so forth.
66 ms