back to article BOFH: Password HELL. For you, mate, not for me

"Okay, I'll just need your username and password to verify this," the customer rep tells me. "You know my username." I respond "I just told you." "Yes, but we need to verify that you have access to your account." "I told you the answer to my secret phrase question." "The secret phrase is only used to verify your identity, …

  1. Andrew Moore Silver badge

    Welcome back Simon...

    You've been missed...

    1. ecofeco Silver badge

      Re: Welcome back Simon...

      Indeed.

    2. Danny 5

      Re: Welcome back Simon...

      Bringing back the L in lmao :)

    3. Ripper38

      Re: Welcome back Simon...

      ...and on my birthday too!!!

  2. James 51 Silver badge
    Alien

    I do have to admit when it comes to stuff like this, I just have to be myself for a minute and I usually get hung up on. Not rude or anything, I just start asking questions (like how did you get this number? Can you prove you're not in violation of the data protection act etc etc) and provide accurate if awkwardly phrased answers and pretty soon I am talking to myself again.

    1. Dabooka Silver badge

      Same here

      I rarely get cold calls, but when I do by heck I put them through the mill!

      And I always ask questions back when it is a legitimate call, it's always nice asking them where, when and value of my last transaction, or when my account was opened.

      Co-Op bank and Amex always seem to enjoy playing along, the others not so much (especially EE)

      1. Jedit

        "I rarely get cold calls"

        I wish I were you. But I only get cold calls from the Indian scammers, so I start from the BOFH's end point and get progressively nastier. Always calmly and with a smile, though.

        1. Rol Silver badge

          Re: "I rarely get cold calls"

          "Hello sir, we have been passed your details because one of your family has been in an accident recently" or whatever.

          Whenever I get one of those calls I always start the conversation off with "What's my name?"

          and they always have a go at guessing it!

          Oh nothing so sensible as Mr Brown or Mr Smith, which has a statistical chance, but the most random list of internationally known celebrities...Mr Blair, Mr Trump, etc, gets thrown at me, in that one in a beeelion chance they might win gold.

          A bunch of chancers by any definition.

          1. JimboSmith Silver badge

            Re: "I rarely get cold calls"

            Last one of those I had was at work and when asked by the lovely chap from the Indian Subcontinent if I had been injured in the accident that wasn't my fault, I said:

            Me: "Yes it was awful I've never been in a fatal accident before at least not one where I died"

            Sounding very interested: "So you were injured in the accident?"

            Me: "Yes mortally wounded as it turned out, the funeral was lovely though"

            Sounding very interested: "Can you describe your injuries?"

            Me: "Yup Death by Decapitation and not the good kind, not going to walk away from that"

            Sounding extremely interested: "Have you spoken to a lawyer yet?"

            Me: "No very few people talk to you when you're dead, I'm grateful for your call."

            Sounding disinterested: "Are you saying you didn't survive the accident?"

            At this point there is the sound of someone else joining the call.

            Me: "Yes, and I wouldn't recommend cremation if I were you!"

            Line goes dead

            1. D@v3

              Re: call about your accident

              My general response to people wanting to talk to me about the accident i was in is,

              'Christ, I've been in an accident? Really? Am I OK? Do my family know? It must have been serious as I don't remember it'

              Generally don't get much further than that before they hang up, although you do get the odd one who doesn't understand and you have to spell it out for them.

              1. Prst. V.Jeltz Silver badge

                Re: call about your accident

                Iv'e had two mystery calls from a withheld nmuber this morning . I just ignored them . After reading these suggestions I'm hoping they ring back again now!

                1. Fr. Ted Crilly

                  Re: call about your accident

                  http://whocallsme.com/ most enlightening, sometimes some helpful soul will have the cold callers office numbers great fun ringing the 'managers' phone number every 5 mins or so 9-10 in the morning

                  1. Diogenes

                    Re: call about your accident

                    My wife plays helpless, and "oh dear my husband is not home at the moment & he deals with $attempted_scam, his name is Rufus Firefly* and you can reach him on ..., and uses the number for one of the telemarketers that comes through on an unblocked number

                    *safe in knowledge few have watched Duck Soup , I am considering getting her to change the name she uses to Lancelot Link

                    1. Charles 9 Silver badge

                      Re: call about your accident

                      "I am considering getting her to change the name she uses to Lancelot Link"

                      Well, that's something to try, though I happen to recall it. I wonder if I could take a swing with Claude Dibbler.

                      1. dwilkin

                        Re: call about your accident

                        You'll be cutting your own throat...

              2. Charles 9 Silver badge

                Re: call about your accident

                In America we tend to get cold calls by robot. Since they'll persist in spite of anything you do, all you can do is hang up and see if you can block the number in future (at least I haven't yet been cold called from a hidden number, probably because those that do tend to end up being police traced).

                1. tlhonmey

                  Re: call about your accident

                  The robots are trivial to deal with. Get yourself a tape recorder (Am I dating myself?) with the DTMF tones used to identify a disconnected number. When the robot hears those (sometimes it takes a couple tries) it'll remove your number from its list.

            2. Phil W

              Re: "I rarely get cold calls"

              @JimboSmith

              Brilliant, I may have to steal that one!

              One question though....

              "Yup Death by Decapitation and not the good kind, not going to walk away from that"

              What's the good kind of death by decapitation?

              1. ArrZarr Silver badge

                Re: "I rarely get cold calls"

                Ones involving lawyers?

              2. BebopWeBop Silver badge
                Alert

                Re: "I rarely get cold calls"

                Well. The nervous executioner needed several hacks to divest Mary Queen of Scots of her head.. I'm not sure it is recorded whether he got a return gig at that venue?

                1. fredds

                  Re: "I rarely get cold calls"

                  Tradition was, you gave the executioner a small bag of coins, which guaranteed a single, clean chop. One guy decided to be cheap; took 7 hacks to remove his head... painful.

                2. The IT Ghost

                  Re: "I rarely get cold calls"

                  Of course he got a return, but he was demoted to removing hands and such for a while, before working his way back up to...<ahem> head executioner.

              3. JimboSmith Silver badge

                Re: "I rarely get cold calls"

                I was wondering when he was going to ask that let alone you.

                My reply to him was going to be...

                "The painless kind".

              4. Robert Helpmann?? Silver badge
                Facepalm

                Re: "I rarely get cold calls"

                Q: What's the good kind of death by decapitation?

                A: The kind that happens to someone you don't like.

            3. Marshalltown

              Re: "I rarely get cold calls"

              Ah yes. I once received an "emergency call." The caller asserted that my Bank of America account had a problem. He had a dense, south Asian accent. Then he asked me to give him my bank account number! Hmmm.

              "But, you are calling me. Why would you need my account number?"

              The assertion is, "we need to verify your account."

              "Verify what?"

              "Your account!"

              "But you should already have the number."

              "Yes, we do. But, we need to verify it."

              "What did you say your name was?" He really hadn't. There was a pause, "Jim Smith."

              "Where are you calling from?"

              "Kansas City."

              "Interesting, Jim. You know, from your accent, I would have thought you weren't west of Peshawar."

              <Click>

            4. Jesthar
              Facepalm

              Re: "I rarely get cold calls"

              I had a brilliant outcome to a scam call a couple of weeks ago...

              Scammer: (heavy Indian accent) Ma'am this is David and I'm calling from BT, how are you today?

              Me: (Deciding on the bright and breezy appoach) Awake!

              Scammer: Ma'am, the reason I am calling is that we are worried about your internet, for the past few nights it has been sending us error messages which indicate to us it is being used illegally at night, do you understand?

              Me: (thoughtfully) Riiight...

              Scammer: Ma'am, we're talking about your router, OK? It's been hacked, OK?

              Me: (energetically) Oh, right! Hang on, I work in IT, let me check the logs!

              Scammer: You're an IT professional?

              Me: Yes!

              Scammer: (sounding wary) Right. I am talking to Mrs <surname>, yes?

              Me: Nope! (Not married, and not going to correct them!)

              Scammer: (confused, talking loudly to self) Then who the hell are *YOU*?!?

              Me: (trying not to laugh) Well, that's not very polite for this time in a morning!

              Scammer: (realises he said the last sentence out loud, not in his head!) >click<

              Kept me laughing for days, that did! :D

          2. Doctor Syntax Silver badge

            Re: "I rarely get cold calls"

            "Hello sir, we have been passed your details because one of your family has been in an accident recently" or whatever.

            I think in the future it's going to be my wife who was injured. She's being treated in the Institute for Clinical Orthopaedics, ICO for short, in Wilmslow. Phone number 01625 545 745...

            And good luck to the ambulance chaser who tries following that one up.

          3. Doctor Syntax Silver badge

            Re: "I rarely get cold calls"

            "What's my name?"

            The Windows support equivalent would be "Which one, I have several. What's the licence number?".

            1. swm Bronze badge

              Re: "I rarely get cold calls"

              I get these calls promising to "fix" my computer. I reply that I don't have a computer. They always insist that I do for some reason.

              1. Michael Souris

                Re: "I rarely get cold calls"

                I get these calls promising me a better deal on my telephone account. I reply that I don't have a telephone. You can almost hear the gear whirring whilst they process that one. <click>

        2. The IT Ghost

          Re: "I rarely get cold calls"

          I get the "Windows Support" ones rather often, I usually hang up, but sometimes they tick me off so I mess with them. Sometimes my only computer is an Apple. Sometimes its various Linux distros, a few times I simply invent an OS name and claim I wrote my own. Having claimed to be "Windows Support", they have then undercut themselves. One of these days, I'll spin up a Windows VM and let them play a while, then power it off in mid-stream and claim they broke my computer.

          I might also, at some point, interrupt them right off and say something "Oh, thank goodness you called! My computer thingie won't get on the Interweb thing, you can help me fix it!" And since their only skill will be connecting remotely to a working machine and loading it with crapware, yet they claim to be "support"...I predict awkward pauses.

          1. networkboy

            Re: "I rarely get cold calls"

            "One of these days, I'll spin up a Windows VM and let them play a while, then power it off in mid-stream and claim they broke my computer."

            You can do soooo much better:

            not sure if URLs are allowed, but:

            https://www.youtube.com/watch?v=Du6acZ-PZQ8

            1. This post has been deleted by its author

          2. pordzio

            Re: "I rarely get cold calls"

            If You're spinning up this VM fill it up with zip bombs and goat porn :D

        3. 4cAtS

          Re: "I rarely get cold calls"

          Set a new 'Microsoft Support' record today - 27 minutes before being sworn at.

          1. AIBailey
            Pint

            Re: "I rarely get cold calls"

            27 miutes? Well done Sir, well done.

            I've only ever received one such call, but managed 14 minutes. Not bad for a first attempt?

            1. kain preacher Silver badge

              Re: "I rarely get cold calls"

              I manged to get one to cuss at me in under 5 minutes. He said you think you are smarter than me.

              1. Chika

                Re: "I rarely get cold calls"

                There's a guy that has been posting YT vids where he torments the scammers. Nothing unusual about that; there are plenty of these knocking about but this one has been giving users a few pointers with regard to the kind of epithets guaranteed to wind them up from weaker taunts like "chutiya" to more hard core terms like "teri makichoot"... I'll say no more than that!

            2. thisisnotmyrealname

              Re: "I rarely get cold calls"

              I once got 3 call backs, all suggesting that I have an oedipus complex. Microsoft support also provide free psychological analysis it seems.

        4. Mike Lewis

          Re: "I rarely get cold calls"

          I'm waiting for Microsoft India to call so I can yell at them about Windows 10.

        5. dmacleo

          Re: "I rarely get cold calls"

          I usually answer unknown numbers with "State Attorney Generals office how may I help you" and usually hear a click right then before I get to the second part of "Fraud Department"

          1. Anonymous Coward
            Anonymous Coward

            Re: "I rarely get cold calls"

            I think at least one replied, "Impersonation of a government official is a felony in your state. We know the number to the Attorney General's office, and you're not it. Now let's start again..."

      2. Doctor Syntax Silver badge

        Re: Same here

        "Co-Op bank"

        Reminds me, I must ring them and ask why they haven't responded to my email to their Ihavessenascam address reporting, for the nth time, an email from their tame spammers digital marketing company and explaining that it has all the hallmarks of a phishing spam.

      3. Kiwi Silver badge
        Thumb Up

        Re: Same here

        And I always ask questions back when it is a legitimate call, it's always nice asking them where, when and value of my last transaction, or when my account was opened.

        I do the same. Surprising how many of these organisations expect me to give out some serious ID info (name, address, last address, DOB, security questions etc etc etc) but have a hard time when I ask them some things that would verify that they have access to my account.

        Some of them get real pissed off when I tell them to go away and hang up on them. Even though I do politely say "I'm afraid I can't confirm you are from my bank, so I am now ending this call". Some do provide me with a way I can get back to them when I call their number (must be through the organisation's published (in phone book no less) number, not a number the caller tries to give me!)

        Some get real shirty when you don't play the game by their rules....

      4. Japhy Ryder

        Re: Same here

        "Don't waste your time on me" or something in a foreign language usually does the trick.

    2. JimboSmith Silver badge

      Had the 'bank' call me once and I said I'd rather call them but the girl was insistent that I couldn't do that as she wasn't calling from the regular number. Already alarm bells are ringing in my mind but she very patiently explained that we wouldn't be talking about my accounts or any personal info. She then said to verify she was legitimate that I had been in a particular branch last Thursday, which I had and then gave me the time I'd visited which was again accurate and that I'd spoken to the manager. She said she didn't have access to any personal details but they wanted to check that the level of service I had received was adequate for my needs etc. She was charming and never once went near anything that I would have flagged as a scammer question. I did check with the bank and they do indeed do checks like this on their staff.

      Flipside to that coin, stayed at a hotel (part of a large chain) in the Middle East over Christmas and when they asked for an email address gave them a unique one @mydomainname.com. I checked the box to say I didn't want my details passed on or sold or contacting in any way. Yesterday I received an email from some business in the same country to that address and I was unimpressed. Called the hotel and spoke to the switchboard and had a nice girl there explain that whilst I might think that I'd received it because it was from the same country it probably wasn't anything to do with the hotel.

      Her: "Loads of people have your email address right?"

      Me: "No only you have that particular address"

      Her: "We wouldn't pass on your details if you told us not to. Are you sure?"

      Me: "Yes because the email address is yourhotelchain@mydomainname.com, it is unique to you and I haven't given it to anyone else because I've never stayed at your chain before!" (and won't again after this).

      Her: "Oh, I'm not sure who to transfer your call to."

      Me: "Well as I made sure I told you I don't want any contact from you and I've been sent something maybe your head of (IT) data security?"

      Her: "I'm not sure I know who that is, why them?"

      Me: "Because if you really haven't sold/passed on my details then I would suspect you've got a problem somewhere with your computers/data."

      Her: "I think all the IT people have gone home can you call back tomorrow?"

      1. networkboy

        Love having my own mail domain

        "when they asked for an email address gave them a unique one @mydomainname.com"

        I do the same thing. Company.auxinfo@mydomain.com

        Set up my server so the catch-all address forwards to a unique address for my inbox.

        When I start getting spam from someone I :bounce: their address and have a script that fires off an email to abuse@company.com complaining about it for every spam I get.

      2. Keven E

        Unique usage

        "Yes because the email address is yourhotelchain@mydomainname.com, it is unique to you..."

        It's the beauty and the bane of being the catch-all user on a personal domain name.

    3. 2460 Something

      I have started doing something just as amusing .. I start talking to them and then stop mid-sentence, I apologise and ask them to wait a moment, then put my side on mute and see how long they last for before hanging up. Longest so far was a very persistent 15 minutes and 47 seconds. Either that or he fell asleep for a bit in between...

      1. Anonymous Coward
        Anonymous Coward

        Similar to what I do. At the start of the call I say, "Oh, you need to talk to Fred. He'll be very interested. Hold on, I'll go get him." Then I set the phone down. There is usually sime background noise (the TV), so the caller knows I have not hung up. An hour later I check to make sure the call has ended. I figure they cannot be scamming others if they are sitting on hold, and they have no one to curse when they realize 'Fred' is never coming.

  3. Anonymous South African Coward Silver badge

    Good to see Simon is back in the saddle.

    Developed withdrawal symptoms and formatted a production server by accident.

    Going forward, a regular dose of BOFH articles will prevent nasty workplace accidents or nasty data loss incidents to occur again in future.

    1. phuzz Silver badge

      "formatted a production server"

      You work for GitLab, and I claim my £5, (or R 80 if you prefer).

      1. Inventor of the Marmite Laser Silver badge

        @Phuzz

        Just think: GitLab may NEVER HAVE HAPPENED if the BOFH had been published earlier in the year

    2. Munchausen's proxy
      Pint

      "Going forward, a regular dose of BOFH articles will prevent nasty workplace accidents or nasty data loss incidents to occur again in future."

      Prevent some, suggest others. It's all good.

  4. nhaines
    Angel

    Ahhhh....

    I'm not going to lie... When I saw this article I felt like a Jem'Hadar getting a fresh tube of ketracel-white.

    ...

    I'll get my coat.

    1. Toltec

      Re: Ahhhh....

      Dabo!

  5. Hans 1 Silver badge
    Happy

    Forgive my German

    I used to get cold calls quite often ... first I tried the "I heard this call is recorded, I do not wish to be recorded, for privacy reasons. That worked well, but some tried to insist .... so I switched to this tactic:

    When I get cold a call, I only speak German ... needless to say, this has been registered in their systems and they now no longer call me. Have not had a cold call in months or years ? ... at one point it was several calls weekly!!!!

    I found out that a French web merchant, cdiscount, was selling my mobile number, I specified it in my details because it is useful when the delivery man tries to locate my home ... I do not shop there anymore.

    Tut mir wirklich Leid aber ich verstehe Sie nicht, Ja.

    1. WonkoTheSane
      Trollface

      Re: Forgive my German

      My usual response to cold callers goes as follows:-

      Caller: "Scam scam scammity scam?"

      Me (Best 1930's BBC accent): "I'm terribly sorry old chap, but I'm afraid I don't speak a word of English. Good day to you!" *hang up*

      If they call back, I say (crossly) "I said GOOD DAY SIR!" *hang up*

    2. LaeMing Silver badge
      Go

      Re: Forgive my German

      Maybe I should learn Tolkenian 'Black Speech' for talking to telemarketers!

      1. Wapiya
        Trollface

        Re: Forgive my German

        I do reserve Black Speech(tm) for more suitable occasions, like yelling at Russians at a hotel buffet.

        Telemarkters get a very thick accent in Low German (low like High/Lowlands). Most of the non-native German callers do think it is a variant of unparsable English (For Germans it is like Scots to English). And you can use it to politely insult people. We do have several upper court decisions, that insults in Low German are always with a condescending irony and therefore not punishable. Even when used against the police.

        Sometimes it pays to be a minority.

      2. Charles 9 Silver badge

        Re: Forgive my German

        Why not try Klingon? I think it's possible to actually give all your responses in Klingon.

  6. Known Hero

    I had Vodaphone call me yesterday asking if I were the account holder.

    I smartly answered no sorry I stole this phone.

    umm ....

    ......

    ...

    I'll remove you from the call list

    Thank you :)

    1. Hans 1 Silver badge
      Coat

      >I smartly answered no sorry I stole this phone.

      Upvoted, but they might report your sim and IMEI as stolen ...

      1. Trygve Henriksen

        That sounds like the beginning of a 'do you want to switch to us and pay more' talk...

        In which case the subscription isn't through them in the first place, and if they do report the SIM and IMEI as stolen, they'll have a bit of explaining to do.

        1. Prst. V.Jeltz Silver badge

          Re: That sounds like the beginning of a 'do you want to switch to us and pay more' talk...

          Not true , I get EE calling me up, offering to help me move a better tariff with them. They know i'm already with them , but the salesdroids dont seem to know how much I'm currently paying , or have any schemes that wont involve me paying more money.

      2. Rol Silver badge

        But by their logic, without having confirmed you are who you say you are, they couldn't then act on what you said.

    2. Doctor Syntax Silver badge

      "I smartly answered no sorry I stole this phone."

      Or

      I picked it up from where someone'd dropped it down the bog. It works OK but it's a bit niffy. Can you do anything about that?

  7. TRT Silver badge

    I must be slow today... just got that

    bath and pool questions followed an off the cuff comment about drowning. I guess that's a password hint.

  8. SigKill

    Worth the wait.

    Bonus: I almost considered paging The Register because I couldn't remember my password.

  9. Alistair Silver badge
    Pint

    Comprehension issues

    /but YOU called US/

    /easier ways to get your name removed from a mailing list,/

    Recently spent some time getting things on and off my books. One of these was a 'collections' issue on my credit history for $1.49

    Yup. One dollar and 49 cents. <original item balance was well over $5K, and I still have the 'all paid, glad to do business with you, please come again' printed invoice>

    The company involved tried to turn that $1.49 into $52 in when we we're figuring out how to get the flag off the books (it had 3 more years to go). All sorted now. But they've been calling my cell daily. With WunderFul Offers and Cheep Credit. I'm collecting the automated messages in recordings. I'll figure out what to do with the audio stream later. Might have to borrow a Stephen Harper Tactical Calling Tool. I'm just wondering if I can get the accounting department head's home phone number. Sadly what was once a decent furniture shop is now owned by a bunch of tools as far as I can tell.

    Have a wee dram Simon, good to see you back. (It is friday after all and, Oh, Look. The three systems where they won't let me set up my ssh keys need password changes)

    1. allthecoolshortnamesweretaken Silver badge

      Re: Comprehension issues

      Use the recordings to make a wicked re-mix, add some video and upload it; should go viral in no time.

  10. Anonymous Coward
    Anonymous Coward

    As satisfying as drowning.

    Had a skype job interview today. Telemarketer tried to call on landline. Cord pulled.

    1. kpanchev
      Devil

      Re: As satisfying as drowning.

      You have a landline??? With a CORD????

      1. Phil W

        Re: As satisfying as drowning.

        To be fair, it's quite hard to have a landline without a cord of any kind, even if it's only to a base station.

      2. Anonymous Coward
        Anonymous Coward

        Re: As satisfying as drowning.

        Obviously I don't actually use it for anything important, that's how I knew it was a telemarketer.

        1. Anonymous Coward
          Anonymous Coward

          Re: As satisfying as drowning.

          I only have one for voicemail. Like buggery am I paying to access my mobile voicemail, so I just divert calls I don't pick up to the home phone.

  11. Chris Miller

    "we have people using their surname with an incrementing two digit number – kept on a bit of paper under their keyboards in case they forget their name."

    Yes, I've dealt with managers like that.

    1. Anonymous Coward
      Anonymous Coward

      we have people using their surname with an incrementing two digit number – kept on a bit of paper under their keyboards in case they forget their name."

      Yes, I've dealt with managers like that.

      Some places actually make employees use Strong! passwords.

      You can tell by the yellow sticky notes on the corner of the monitors...

      And you might be able to get their login from their name tag.

    2. TeeCee Gold badge

      I think I've mentioned this before, but I'll run it again as it's relevant.

      Some years ago I was in a meeting on the new corp password policy (minimum 8, at least one capital and number). I opined that as our users were a lazy bunch and thus likely to want one password and many of our legacy systems maxed out at 8 chars for a password, I could deduce the following: A 7 letter dictionary word, first letter capitalised and a number on the end, probably zero or one. I also suggested that with that sort of hint, any competent cracking tool shouldn't need to break step on the way in.

      Looking at the expressions that produced on the faces around the meeting room table, I think I hit the jackpot.

  12. Peter Mount
    Joke

    Obligatory XKCD

    Everyone should know about XKCD 936 Password Strength by now? https://xkcd.com/936/

    1. Aladdin Sane Silver badge

      Re: Obligatory XKCD

      Yep, and it's been added to the list of unacceptable passwords in many places.

    2. Midnight

      Re: Obligatory XKCD

      correct horse battery staple is nice, but I prefer the Bruce Schneier password: uTVM,TPw55:utvm,tpwstillsecure.

      1. Mycho Silver badge

        Re: Obligatory XKCD

        The Bruce Schneier passwords are quite impressive, but I'd like to see an analysis of whether the text on the left side of the equals is really harder to guess than the text on the right.

    3. Roj Blake Silver badge

      Re: Obligatory XKCD

      There's a handy BatteryHorseStaple style password generator here - https://www.memset.com/tools/password-generator/

      1. Charles 9 Silver badge

        Re: Obligatory XKCD

        But now try remembering 20 of them. Or perhaps 50. WITHOUT a password manager because you don't actually OWN a computer.

  13. ukgnome Silver badge

    The password loop - only a real bastard would keep that going

  14. Anonymous Coward
    Anonymous Coward

    Humor is in the truth of it

    Glad to say under my new-ish corporate overlords, I've gone from 67 to 90 in my password increment digits after having to change it every three months.

    1. Robert Sneddon

      Reverse engineering

      Doing contract support at $Large Financial Organisation I temporarily needed a better login than the one I had to do something dangerous and irreversible without leaving (my) fingerprints in the logs if shit went wrong, so I asked my manager for his login and password which he gave me quite happily... The password ended in 22. Knowing the AD enforced password changes for security purposes every two weeks I speculated he had been there for about 10 months or so.

      "How did you guess?"

    2. tlhonmey

      Re: Humor is in the truth of it

      The proper thing to do is not to increment, but simply to add a character to the end. Which single, random character you added is pretty easy to remember, and you've been practicing the rest of the password for 90 days so you won't have forgotten it, and eventually you have a 60 character monstrosity of random characters and everyone wonders how you ever remember such a thing.

  15. mstreet
    Flame

    Can't talk...

    A favorite of mine, is to gasp/yell out "Can't talk, on fire!"

    Followed by a quick hang up. If they call back, just pick up and let out an ear-rupturing scream.

    1. Kiwi Silver badge
      Joke

      Re: Can't talk...

      A favorite of mine, is to gasp/yell out "Can't talk, on fire!"

      Hmm.. Nastier side of me awakening...

      "Oh, sorry I don't know much about that. I'll grab my son. Jim, someone on the phone about the computer. Jim? [sound like a father knocking on a bedroom door] Oh NO! Jim! NO! [into phone] He's hung himself. Quick, call the ambulance" follow by lots of sounds of screams etc.

      Or add in a few other endings.. Been shot/stabbed.. Looking at furry porn... Caught in the act with his mother...

      Sadly I don't get cold calls so can't have any fun :(

      1. Anonymous Coward
        Anonymous Coward

        Re: Can't talk...

        My wife had a nice one.

        She makes a young girl voice and yells:

        - "Mommy, there's this idiot babbling on the phone, do I hang up on him or let him talking his lungs out?"

        She then replies with adult voice:

        - "Watch your language young missy! [Slap noise]

        - Ow mommy it hurts! [slap]

        - Mommy stop! [slap slap slap] [crying] I won't do it again mommy! [hang up]

        Good times. Now we don't do that anymore, because people might actually report us.

  16. creepy gecko

    One to bookmark...

    Excellent, and it'll be worthwhile reading again, when having a(nother) bad day at the office.

    1. Mark 85 Silver badge

      Re: One to bookmark...

      So you'll be reading this again everyday? Or is there actually such a thing as a good day at the office?

      1. MrDamage

        A good day at the office

        Well, half day, after spending lunchtime at the pub, which was proceeded by a mornings work with the cattle prod, roll of carpet, shovel, and bag of quicklime.

  17. BinkyTheMagicPaperclip Silver badge

    Awesome

    However,

    '"Here? No, we implemented it and a bunch of other security measures but then we got told to turn them all off because it's hard for people to remember their password when it changes every six months. So there's no complexity and a two-year lifetime. The only time one of the execs on the top floor changes their password outside of this process is when they start up extramarital relationship in the building and don't want their PA to find out."'

    I thought BOFH was supposed to be satire, not real life?

  18. UNCL3LARRY

    Finally!

    Feels like forever since I last read a BOFH, great as always

  19. Unicornpiss Silver badge
    Happy

    Google Voice

    I find having a Google Voice number very useful. When I have to give a phone number to some odious person or organization, such as when car shopping for example, it's fun to see who decides to spam me on the number, then contact the only person or company I've given that number to and listen to them swear they don't share it with anyone. Then simply change to another number with a few clicks.

  20. Deimos

    I do love scam calls

    Mine are all from India and contain truly horrible mispronounced names, mostly because I gave a "survey which will never pass on your details" a name of someone who has been dead for 45 years.

    So far my very dead ancestor has been involved in all sorts of adventures and ordered all sorts of stuff. The most fun is explaining to superstitious scammers that they were talking to the house poltergeist, which normally causes death by fear (pinched that plot from various Ring movies). Always get a kick from asking them (very seriously) how tortured the ghost sounded.

  21. Will Godfrey Silver badge
    Happy

    Priorities

    The important thing is to remember you're supposed to play with them - rather like a cat with a mouse.

  22. Montreal Sean

    Congratulations you've won a trip!

    Got a bunch of phone calls from a scammer offering me a wonderful all expenses paid trip to their new 5 star hotel in Mexico.

    I let him ramble on for a few minutes and then when he asked for my credit card number to reserve my trip, I said:

    "Wait, did you say Mexico? I was asked never to return to Mexico. There was some trouble with the cartels and some explosions..."

    The phone call ended rather abruptly after that.

    1. Florida1920 Silver badge
      Pint

      Re: Congratulations you've won a trip!

      "Wait, did you say Mexico? I was asked never to return to Mexico. There was some trouble with the cartels and some explosions..."

      Best one yet. Have a few ----->

      1. Charles 9 Silver badge

        Re: Congratulations you've won a trip!

        Why not just simplify it to a, "Sorry, but I've been declared persona non grata over there."?

  23. AndGregor
    Pint

    Blooort

    I got lost then spat my beer on the monitor at the punch line, brilliant.

    My Friday is complete.

  24. Herby Silver badge

    Fun with phone calls...

    Mine was wonderful. A friend of mine died a couple of years ago, and I took over his cell phone number because we had some contacts in common (I used Magic Jack). He had LOTS of debt (including to me), and I wanted to be in the loop. A couple of weeks ago, I got a call from a debt collector (surprise!) and I played along, he asked me what I was going to do about the debt of some minor amount (in relation to mine which was a few orders of magnitude larger). I told the guy I wasn't going to do anything. He then started out with all sorts of legal jumble and giving me a bad time. I really didn't care, he was much farther back in the (debt) line than I was. He ended up quite flustered, and it felt good for me. It was truly a BOFH phone call.

    Another time a collection agency tried to collect on an older debt (over 5 years old) and when I asked for the date of the debt, he said the older date, and I replied "Good luck with that!". He hung up pretty quickly.

    Every BOFH in training should take it upon themselves to waste AS MUCH TIME as possible for the guy on the other end. This makes their "profit" per man hour go down, and thwarts their business model.

    Satire? I don't think so!

  25. bed

    The insurance scam

    Last year I hit a roe deer which bashed in the front of the car requiring new bodywork, raditor, A/C unit etc. Shortly afterwards I started getting phone calls from 01618544845, 01609608992 - (amongst others) trying to tell me I could make a claim against the third party. They didn't seem to know the third party was an ungulate, so could play up with 'will it be deer?" - though only when in the mood to do so. Fortunately the phone allows me to put a block on the phone number (and a growing list of them) so the problem went away.

  26. mky

    When I get cold calls or collection agencies...

    I ask to put them on hold, make them wait for 15-20 seconds come on the line and treat them like a phone sex line, when they interrupt, I quickly apologize, err wrong line and back to hold mode, for a longer wait. Wash Rinse Repeat till they hang up. Works every time.

  27. Borg.King

    Them: Is this <name here>?

    Me: This is his phone.

    Them: Am I speaking to <name>?

    Me: No this is not him. How well did you know the deceased?

    1. Alien8n Silver badge

      Re: Them: Is this <name here>?

      I may have to try a variant of that.

      "Not unless you're speaking to the chap with the multiple bullet holes creating the red stain on his carpet. You don't happen to know how to defuse a biological weapon do you?"

  28. LaeMing Silver badge
    Go

    I think I am now off the cold-call list for a funeral-insurance slinger. My preferred method of burial is to be left on the side of the road in a burlap sack and the council can dispose of the body at their expense or let everyone put up with the smell and associated public health risks. (#deathhacks)

  29. Morrie Wyatt
    Go

    Go you one better.

    My son dealt with cold callers by passing the phone over to my two year old grandson, and let them talk as long as they liked.

    Strangely enough, they didn't seem to stay on the line for too long.

  30. Unicornpiss Silver badge
    Happy

    One that amused me..

    Got the Microsoft scam call about 2 minutes after activating a new smartphone on a new line of service for one of our employees. I was still going through the phone setup when it rang.

    As soon as I realized what it was, I tried telling the drone on the line that I my computer was running Linux, then verbally berating him, calling him an idiot, etc. as he doggedly pursued his script, apparently not listening to a word I was saying, as my coworkers began laughing while my volume level increased.

    Finally (nearly shouting) I got him to hang up when I explained that he was calling not only a brand new number but a corporate IT department.

  31. Charles 9 Silver badge

    Has anyone tried a system where you pretend to be a robot with an old 80's voice?

    "Robot caller detected. Robot responder online and operational."

  32. Anonymous Coward
    Anonymous Coward

    On another forum, someone posted about receiving these calls. One of the other members operated a VOIP network server... he set the autodial to the scammers number & set it to call & play screaming monkeys at them. Over & over again, until that number was cancelled.

    Over time more people added the numbers they were receiving calls from & he treated them to the same, then when he had multiple numbers, got creative & started calling 2 & connecting them to each other.

    1: "IRS, can I help you?"

    2: "No, I am from the IRS!"

    1: "Stop using that fake Indian accent!"

    2: "I'm not faking and accent!"

    Fun when you have the tech available! :-D

  33. Kirstian K
    Devil

    I Changed my name about 10 years ago give or take, and i still get calls for my old name.

    this being a good initial sign this is a spam call. 'hi is this Mr xxx' ........ um (ok so i know this is a sales call from a VERY ols list, how much spare time do i have? do i fancy playing Y/N).

    but this has been great as if they say : 'we see you were involved in an accident within 2 years' well you can really push on that, i got them to admit once they have old lists they buy to make up call numbers.

    or sometimes, 'oh im sorry, i died about 10 years ago now.' followed by im sorry to hear that, and they continue...

    ive tried all the fun ones, 'sex change, call me mary' to im a mormon, and dont have electricity or a phone (great for survery calls) make up REALLY outlandish stuff. ive been 90, with a teenage bride, (or multiple).. its a challenge to make up the most outragious stuff you can and keep them going.

    My misses made an indian cry once because she kept asking if he was happy with his sexuality... lol (almosty felt bad for him)

    when there is time, and you int he mood it can be light releif.

    1. wowfood

      I tend to follow their instructions. Or at least pretend to, making sure to take my time as I do.

      Just keep them on speaker phone, randomly say "where the hell did I put it" etc.

      1. LaeMing Silver badge
        Go

        I believe if the trick is to get to the part of the conversation where you get to say "Hold on a moment while I go and get my credit card." They can be made wait several minutes as you wander off and forget about them.

  34. Anonymous Coward
    Anonymous Coward

    My daughter's technique is to scream "No he's dead!". I think I need to train her to go quiet, the sob a bit then whisper the same.

    I had a call from someone claiming to be from BT saying there was a problem with my line and they needed to fix it. I explained I wasn't with BT and left it at that.

    Couple of days later, call from same voice saying there was a problem with my Virgin line and if I didn't help him my BT - sorry Virgin line would be cut off. I just said that no it would and rang off.

    1. Charles 9 Silver badge

      Just reply you're with BT or a third phone company. Or say they've called a cell phone so wouldn't have wiring issues. See how long they play phone runaround with you.

  35. wowfood

    "A good thing too, because I have three passwords I use for everything – Low, Medium and High Security."

    I'm glad I'm not the only one who uses this system. I also have ultra-low, which is my work password... which just has in incrementing number on the end whenever they ask me to choose a new one.

  36. Anonymous Coward
    Anonymous Coward

    Password Evolution.

    My original password, assigned for my school email (and soon everything else) was only 7 characters long.

    Suddenly all websites decided they need a password with 8 characters. So I added a word to the end, pushing it up 12 chars.

    Now websites started telling me my password still wasn't strong enough for some reason (even though it was a jumble of letters and one word) so I had to add even more to the end.

    Suddenly, all websites NOW want symbols in the password, so I make up a new one with symbols in it, which follows the "It's a word in l33t speak" form.

    NOW I'm finding some websites which are saying this isn't strong enough (probably because they can tell it's just l33t speak), so I'm forced to make another password, which at this point I honestly can't remember to the point I've had to write it down, on a post-it note, next to my monitor.

  37. cortland

    Optional because it's easier than typing

    Juebghohsili. Raflzkuurn waakhmi? Waakhnu slivilik?

    Klingon is easier to remember,if you know it.

  38. Anonymous Coward
    Anonymous Coward

    The issue I have is not with paswords, per se, but the sites that feel it's necessary to have passwords. Does this site really need to have one? Are any of you in fear of someone posting using your user id? And if they did, and we didn't have passwords, a simple, "I didn't post that," should be sufficient proof of non-authorship.

    If some bloke is so hungry that he steals my loyalty points online from a sandwich shop to get a free sandwich, then bless them, and let them go in peace. And I don't really care if someone steals my grocery store couponless coupons. I don't know why they would - they are free to everyone.

    My solution is by far the worse of what I have seen here. When I bookmark a site, I rename it 'site userid password'. Nothing to look up. When I click on the site I see the userid and password I have assigned. The only exception I make is for my seven-figure investment account, but my primary security on that account is not the very convoluted password I have for it. It's that no one knows it exists.

    1. Anonymous Coward
      Anonymous Coward

      "And if they did, and we didn't have passwords, a simple, "I didn't post that," should be sufficient proof of non-authorship."

      Except the impostor would just counter, "I didn't post the 'I didn't post that.' Someone's just impersonating me." Now you're into a "I said, you said" problem. Plus there's potential for identity theft, and they need not know your particulars if they can just track your message patterns and mannerisms, which can be as unique as fingerprints given enough data.

      "It's that no one knows it exists."

      Except that someone else MUST know: someone in the firm that manages your account. Without security safeguards, someone in the bank (not necessarily in charge of your accounts) could glean enough information to start tapping into it.

  39. Anonymous Coward
    Anonymous Coward

    @hotmail.com... good 'ol days...

    I created an @hotmail account eons ago.

    Within 10 minutes I had 15 spam messages, back in the day, when Microsoft "will never tell your e-mail" blablabla... They didn't get much smarter ever since. Good spam filter testing, though.

    Another good trick for p2p networks is to spew searches with 32 random characters. Those that show a valid file name with those EXACT 32 characters ending in .mp3, .mpg or whatever, you can cross off the list of valid servers. It's like asking your monkey to search for Shakespeare on google, and finding it!

  40. LaeMing Silver badge
    Happy

    Heh, just now got a call (on my work phone, no less) about "My inquiry regarding an MBA course." I explained I have a real job and as such don't have any need for an MBA.

  41. Giraffe67

    Banks

    I love it when the bank contacts me and then asks me to confirm my details.

    "and how do I know you aren't a scammer trying to get my details, you called me, you know who I am!"

    Then they ask you to call them back but won't tell you why!!!

    "if this is about my credit card being overdrawn by $5, I'll fix it when I care, I'm not going to bother calling back."

    Because I'm always going to contact my bank for the reason "I don't know".

    Tossers.

  42. 2Fat2Bald

    I just say "I don't give out any information to unsolicited callers". Mostly they say "Oh, goodbye". Sometimes they say "But I only wanted..." and I just repeat "I don't give out any information to unsolicited callers".

    After a few rounds of this I say "Sorry, but I've got a queue of people with me and it doesn't look at if we can do business. I'm going to have to go".

    1. Charles 9 Silver badge

      And if they CALL BACK with an unblockable number?

  43. yorgasor

    My personal favorite

    I answer in a very gruff sounding voice:

    "US Embassy, this is Sgt Detritus. The line is secure, you may proceed agent."

    The line usually goes dead immediately, but sometimes I get a surprised sounding yelp before they hang up :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019