back to article Ticket site sorry for pisspoor password wrong

Ticket site Lunatickets apologised to users who got an email overnight telling them their password had been changed. A Reg reader was almost amused to get the following password reset email from the firm. Dear XXX Your password to login to www.lunatickets.co.uk has been reset. Your new password is pissflaps. You can change …

COMMENTS

This topic is closed for new posts.
  1. Forename Surname
    Alien

    Damn!

    Looks like I'll have to change my password! I use the same one in lots of places so it'll be a big hassle.

  2. Code Monkey

    Schoolboy error

    I'm as prone to using daft test data as the next dev but I NEVER mess about with anything that can send email. My tests are always along the lines "This is a test email from [company]. If you have received this in error, please ignore it."

    It's po-faced but the consequences of forgetting your test app's connected to, say, your company email list are too embarassing to contemplate.

    1. Anonymous Coward
      Coat

      Schoolboy error

      Its a mistake everyone makes the once.

      I remember many years ago, i was doing some work on a database, so i created a temporary column with a stupid temporary name, did my work, and that was the end of it.

      Except i forgot to delete the column.

      This was all fine until our Boss got a phone call from the DBA at the (really big utility) firm we were doing this all for, a few months later, asking what the column, Erm, lets call it "Willy" was for, cos it wasnt in the schema document.

      I didnt get fired, but it was really close.

  3. Anonymous Coward
    Anonymous Coward

    Be careful

    Given that ElReg stores user passwords unencrypted, you should be a bit careful when criticising other companies password cock-ups.

    1. some-reg-reader
      FAIL

      Yes

      I agree

  4. LuMan
    Coffee/keyboard

    New keyboard

    Surely I'm not the only Reg reader with a level of schoolboy puerility to find that email absolutely hilarious...

    1. Matt Newton

      no you're not

      i was reading it to my boss and cracking up laughing.

  5. Wize

    If you are going to use test data

    At least keep it clean. You don't know when its going to spring out of an old backup.

  6. sig

    Permission to swear, Sir?

    Years ago I was working in third-line support for a major online travel site. A customer had received a password reminder email; problem was that he hadn't set his password to 'youareatw*t' as stated in the email. I was asked to investigate how many customers had 'strong language' in their password. I got to write a report which included a table of sweary words, combinations thereof and numbers of occurences.

    Discussing the report in a meeting with the account managers was entertaining.

  7. ITDirector

    Not new!

    IIRC, that particular password (albeit in the singular) was used by one of the world's largest banks back in the 80s during a 2 week install/rollout of an FX/MM product. We used a 2 part system (4 chars each) for security, via sealed countersigned envelopes. Needless to say, there are plenty of creative options with only 4 chars to play with, and this was the best permutation. It gave complete access to the Prod system...

  8. Anonymous Coward
    Paris Hilton

    This is what you get.

    When you piss of the temps.

    Paris, for obvious reasons.

  9. Anonymous Coward
    Anonymous Coward

    You sure it ws'nt....

    www.lunatics.co.uk ?

  10. John Tserkezis

    Funny if it wasn't your fault. :-)

    Some years ago in a past job, my job was installing and testing the software another department wrote.

    This was back early in the Win v3 days, and MSDOS apps (and MSDOS only setups) were still quite prevelant. The executable for this particular windows app had a DOS message along the lines of "this program will not run under MSDOS" or similar. Except it wasn't simlar, not even close.

    I won't repeat here (truth be said I've forgotten the exact wording), but it made it quite clear the user running the executable lacked various forms of intelligence, and went just short of questioning the users' parentage for attempting to run this under DOS.

    Our strict build controls meant the chance a user would see this would have been very slim, but not impossible, and certainly not something that would flair the reptuation of a multi-million (billion??) dollar company.

    Told my boss, who appeared rather pissed off to say the least, who then went to the boss of the department writing the software. I have no idea how diplomatic he was about it, but the text string was changed promply, and we all in the workshop had a good laugh about it.

    I'm guessing that software dept wasn't giggling at the time.

  11. Simon Millard
    Happy

    Thank You

    This story brightened up my day.

  12. Anonymous Coward
    IT Angle

    Testing with a

    We were once testing email connectivity via a telnet session and I happen to send my colleage an email from a made up address simply with the word TW*T in the body of the message.

    We were doing this to test some makeshift monitoring we were doing.

    It worked, only it was picked up by the email police in the building (profanity wasn't allowed) and were instructed to explain the purpose of the email. My colleage very quickly came back with the fact that TW*T was an acronym for Testing With Anonymous Telnet. The dude went away and left us alone either beleiving us or impressed that he came up with this so quickly.

  13. Anonymous Coward
    Linux

    SQL Injection

    At the time release of this article. Their website was plagued by SQL injection exploits. This was the first time I had visited it and could count at least 5. It seems their "security" team had used a completely new test system as live. Damn idiots.

This topic is closed for new posts.