I always find the various authentication experiences to be more annoying than reassuring, but until now I've always managed to defeat whatever bizarre scheme a web site has created.
Yes, I'm fan of "Reset Password."
Microsoft though has stopped me dead by refusing me access to an outlook.com [account] even though I have the email address and password.
About three years ago someone established an outlook.com email for an organization. They passed the login info on to me. I subsequently just accessed it via Gmail for the next two years.
Today I tried to log in to outlook.com make some changes. They apparently feel that I am not who I say I am and demand some kind of "authentication."
After a half an hour of repeatedly submitting "Verification Forms" (Names, Birthdate, City, Postal Code, Captchas, Previous passwords....," entering numerous PINs, and generally jumping through hoops, I have concluded that I will never ever access this account again.
Best of all the email quoted below offers no way that I can appeal this to some kind of living being.
Is this the worst authentication disaster ever? Is there any logical reason why you would make it impossible for your customers to ever recover an account?
[Continues...]
We recently received a request to recover your Microsoft account *****@outlook.com. Unfortunately, our automated system has determined that the information you provided was not sufficient for us to validate your account ownership. Microsoft takes the security and privacy of our customers very seriously, and our commitment to protecting your personal information requires that we take the utmost care in ensuring that you are the account owner.
Please submit a new account verification form
At this point, your best option is to submit a new form with as much accurate information as you can gather. The more information you can include in the form, the better the chance you'll have of regaining access to your account. We've included a few tips below to help you fill out the form as completely and accurately as possible.
> Submit a new form
Helpful tips for filling out another form:
Answer as many questions as you can.
Use the information you provided when you created the account, or last updated it.
Submit the form from a computer you frequently use.
You will be asked to list recently used email addresses and the subject lines from recent emails. Ask for help from family members, friends, or business contacts to confirm their email addresses and tell you the subject lines of the last three emails they sent you.
Make sure to use the correct domain for your account, such as hotmail.com, live.com, or outlook.com. Keep in mind that your email address may be country specific. For example, if you created your account in Sweden, your domain would be "hotmail.co.se" rather than "hotmail.com".Ready?
> Submit a new form
Thank you,
Microsoft Support TeamMicrosoft Corporation
One Microsoft Way
Redmond, WA 98052
USA
(Score: 2) by HiThere on Monday September 26 2016, @12:43AM
P.S.: Set up the system with enough RAM and boot from a LiveDVD, that way your system can't get hacked. You'll have a bit of extra work whenever some of your software needs to be patched, but since you aren't running much on it, that should be infrequent. Alternatively you could mount the system partition as read only, but you'll need to do a bit of configuration as /tmp, e.g., is usually a part of the system partition. Also this isn't quite a secure as partitions can be remounted (though I've never tried to unmount and then remount the system partition).
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 3, Informative) by NotSanguine on Monday September 26 2016, @01:38AM
P.S.: Set up the system with enough RAM and boot from a LiveDVD, that way your system can't get hacked. You'll have a bit of extra work whenever some of your software needs to be patched, but since you aren't running much on it, that should be infrequent. Alternatively you could mount the system partition as read only, but you'll need to do a bit of configuration as /tmp, e.g., is usually a part of the system partition. Also this isn't quite a secure as partitions can be remounted (though I've never tried to unmount and then remount the system partition).
Absolutely. And since OpenVPN has turnkey Live CD/USB [turnkeylinux.org] distributions, it's pretty much a no-brainer.
Owncloud is a file sharing platform. It allows you to up/download files sercurely.
OpenVPN allows for remote access (e.g., VNC, RDP, ssh, etc.), client queries against internal servers (e.g., LDAP/AD, access to internal web servers, etc.), printing, and on and on. It is, after all, a VPN which allows you to tunnel arbitrary traffic.
OpenVPN -- smaller resource footprint, smaller knowledge footprint, greater functionality
Owncloud -- larger resource footprint, larger knowledge footprint, less functionality.
Hmmm....Which should I use?
As a simple-minded comparison, note the dependencies (see below) required for each platform:
OpenVPN requires appropriate network device drivers, OpenVPN and its supporting packages/libraries:
Owncloud requires Apache, MariaDB and PHP and all the supporting packages/libraries that go with it.
Owncloud has it's own set of dependencies as well [owncloud.org]:
Apache dependencies:
MariaDB dependencies:
PHP dependencies:
(Score: 2) by HiThere on Monday September 26 2016, @04:16AM
OK, I was speaking out of general principles. You appear to have domain knowledge.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.