Don't Accept Defaults

• Steve Jones - SSC Editor

  SSC Guru

  Points: 736255

  More actions

  April 10, 2013 at 10:23 pm

  #150344

  Comments posted to this topic are about the item Don't Accept Defaults

• Bob Abernethy

  SSCommitted

  Points: 1946

  More actions

  April 11, 2013 at 5:26 pm

  #1605816

  I thought the title "Don't Accept Defaults" might be about life in general, or in a business/corporate setting.

  Either way, it's good advice. 🙂

• Jim P.

  SSCrazy Eights

  Points: 8725

  More actions

  April 11, 2013 at 9:15 pm

  #1605834

  I agree with not accepting defaults. But if you set a rule against a default -- make it consistent.

  My SW company was sold to a different parent company last October. I'm the DBA that is responsible for 99% of the export and conversion to the new SW.

  So far, I have had to create a new password for for the AD login to the employee website and email. It has a level of obscurity such as uppercase and length.

  Then about a week ago I had to have a login to another AD with different consistency for password strength.

  Then today I was forced into another password strength in another system, with a different user id.

  I don't use any of the systems, other than the e-mail, to retain any of them over the long-term.

  So really my only option is to write or otherwise store, in clear text, my login information.

  Where if all systems had a connection, or the same standard, then it wouldn't be a problem. Even worse, one ID is set to never change. One has a 60 day life cycle. The newest one I have no clue.

  
  
  ----------------
  Jim P.

  A little bit of this and a little byte of that can cause bloatware.

• Miles Neale

  SSChampion

  Points: 13147

  More actions

  April 12, 2013 at 11:40 am

  #1606073

  Thanks for restating this.

  I remember one time looking at the installations of SQL Server on developer workstations back in the days where there was a default user and password. As the person in this organization changed with enforcing data security, I was able to log into over half the installations as SA with the default user/password pair and review everting in their local development environment. I was surprised and amazed. I also circulated word to the owners of those installations that they needed to change from the default.

  What we do without thinking!

  M.

  Not all gray hairs are Dinosaurs!