Tweet
Let me say upfront that I made a mistake and stepped into this pile of shit myself. I was being asked to join the RSHL and went to go apply in the HZ zone the other night. I had a password for the RSHL web site back in 2002 and tried to rejoin two years ago. After a bunch of hassles I finally gave up then but thought I would try to support them this year.
I was told by someone in HZ to try resetting my SS password, so while in HZ I executed the ?password command. I typed in a secure alphanumeric (with special characters) and logged off. Apparently I must have mistyped the password because when I tried to get back in it failed. Of course with the password attempt lock out set to just a few tries, there is no way that I am going to be able to guess at what I missed typed.
Next step, do the ?lost password process. Oh wait, the billing server has stored my original email address from 1998. Is there are way to update the billing server email address? Yes, but it has been disabled for years.
Next step, complete a form on the Billing server and submit a help ticket. Oh wait, this might takes many days and TWL is on Sunday. So I get into TW on another name and start trying to find some help. Left_eye, Beasty, and many others staffers were all subjected to my ranting over the broken process but the bottom line was clear; only two people, mom and spacehiker, are billing server sys ops and have access to reset a password.
During this time I have had no fewer than 6 people tell me that I am wasting my time, they have lost password that they could never get anyone to reset.
So it’s been several days and TWL is tomorrow. I am sure that I could suck more peoples time with my simple mistake and get Reck/Tiny or someone to add me to the TWL roster but that is just sucking more time over a what should be a common and simple process. There is no way that something as simple as a password reset should be this difficult.
I am very close to just saying ‘fuck it’ and uninstalling SS. But before I go I wanted to at least see if I might be able to suggest a few things to help prevent this in the future.
I apologize to everyone for sucking their time over this issue the last few days; maybe something good can come out of this situation.
eph
I was told by someone in HZ to try resetting my SS password, so while in HZ I executed the ?password command. I typed in a secure alphanumeric (with special characters) and logged off. Apparently I must have mistyped the password because when I tried to get back in it failed. Of course with the password attempt lock out set to just a few tries, there is no way that I am going to be able to guess at what I missed typed.
Next step, do the ?lost password process. Oh wait, the billing server has stored my original email address from 1998. Is there are way to update the billing server email address? Yes, but it has been disabled for years.
Next step, complete a form on the Billing server and submit a help ticket. Oh wait, this might takes many days and TWL is on Sunday. So I get into TW on another name and start trying to find some help. Left_eye, Beasty, and many others staffers were all subjected to my ranting over the broken process but the bottom line was clear; only two people, mom and spacehiker, are billing server sys ops and have access to reset a password.
During this time I have had no fewer than 6 people tell me that I am wasting my time, they have lost password that they could never get anyone to reset.
So it’s been several days and TWL is tomorrow. I am sure that I could suck more peoples time with my simple mistake and get Reck/Tiny or someone to add me to the TWL roster but that is just sucking more time over a what should be a common and simple process. There is no way that something as simple as a password reset should be this difficult.
I am very close to just saying ‘fuck it’ and uninstalling SS. But before I go I wanted to at least see if I might be able to suggest a few things to help prevent this in the future.
- The zone always seemed to have no shortage of new features. How about fixing a most basic process of allowing users to update their email address so the ?lost passwords process would work?
- Or how about adding a way to make the user verify the changed password by typing it a second time like every other password entry system in the world?
- Or how about automatically turn on logging so that if the user mistypes their password they have a way to go look t see what it was?
- Or that the very least, how about a message to users to go turn on logging before changing passwords?
I apologize to everyone for sucking their time over this issue the last few days; maybe something good can come out of this situation.
eph
Comment