This happened to me three days ago, in the worst of possible circumstances.
At the University at Buffalo, there is a single password (one pass to rule them all, as I call it) which:
- Signs onto the Resnet.
- Checks our email.
- Posts Usenet messages.
- Logs into the timeshares, except those for specific departments.
- Checks our grades.
- Registers us for, and drops us from, classes.
- Probably some other functions I don't recall offhand.
Losing this pass would be far worse for me than losing the root pass on my Linux side, which someone would almost have to get to my machine to use.
I check my email using Netscape. When I go to check it, it takes a minute before the server asks for a password and NS opens a window to prompt for the One Pass. So I saw that window pop up, and my fingers started typing while my eyes saw one of my E2 friends' AIM window pop up. And then The Inevitable happened.
I tried to keep up a conversation, while waiting one eternity for the UB page to load and take me to the remote "change pass" page, another eternity for it to confirm my old pass and process the change, and a third one for the 1 hour it takes for the change to propogate across all the systems. All while being casual on AIM, like the pass was nothing more than some sort of network static.
Not as bad a situation as that faced by jamyn, to be sure, but still pretty damned frightening!
clearpebbles, if you're reading this, I'm sorry - I don't doubt you're a wonderful person for a minute. However, I'm damned paranoid. As in, damned if I am, damned if I'm not. And I'd prefer the former, since it's less absolutely damning. I knew that you were presently on the net, and knew my real email address, and thus the username and host you might try to log into. I just had to hope that if you, or someone looking over your shoulder, was a cracker, they wouldn't recognize the pass as such.
If anyone cares, since that pass is now permanently retired, it was "b4rkhawd!", a corruption of "bark hound". Ironically, I am a cat person.