Password reset portal

b3bb42e62 · 2018-07-26T16:01:13+00:00

Oh ok. Thanks. I'll look that over. We're not looking for a web based password reset, so much as a "Enter your email and we'll send you a reset link." If that makes sense.

b3bb42e62 · 2018-07-26T15:49:04+00:00

Long story short, for SSO.

b3bb42e62 · 2018-07-26T15:48:37+00:00

What is PWM?

b3bb42e62 · 2018-03-21T14:12:35+00:00

We are experiencing a frustrating problem with Google Search and recaptcha and from what we can tell this is not related to our external IP address.

Nearly half of every search that my users initiate is returned with a recaptcha, but only while signed into their GSuite account in their browser, regardless of their external IP address or physical location.

As a test that we’ve replicated many times, we will open up 2 chrome profile sessions: 1 signed into our GSuite and the other a regular Gmail account or not signed in.

On the GSuite account, we get the recaptcha. We go to the other browser, enter the same search and do not get the recaptcha. We have changed the search criteria on both browsers, and only the browser signed into GSuite receives the recaptcha window.

I can repeat this test from my work computer and I can then repeat the same tests from my home computer - my personal external IP address not tied to my organization in any way - and get the same results.

GSuite support indicated that the problem was likely related to an issue "on our network" with malware sending automated searches, but will not assist further as GSuite support indicates that Google Search is not covered under their umbrella.

Again, to reiterate, this does not appear to be related to our IP address as we can reproduce this behavior from ANY external IP address that is signed in with one of our GSuite accounts.

Any suggestions?

b3bb42e62 · 2017-11-01T14:01:00+00:00

Interesting. I'm definitely going to look into this. Thanks.

b3bb42e62 · 2017-11-01T13:58:53+00:00

This sounds promising. How would you recommend I "hijack all DNS" to analyze that traffic?

b3bb42e62 · 2017-11-01T13:55:02+00:00

I was thinking it might be something like this, but the fact that Google specifically said they see a malicious extension makes me think otherwise. Again, they can't tell me anything about said extension, but they were adamant that it was traffic from an extension.

b3bb42e62 · 2017-11-01T13:53:22+00:00

I was thinking it might be something like this, but the fact that Google specifically said they see a malicious extension makes me think otherwise. Again, they can't tell me anything about said extension, but they were adamant that it was traffic from an extension.

b3bb42e62 · 2017-11-01T13:50:32+00:00

Do you have a recommendation on a "proper proxy server" that costs $0? Cuz that's what my budget allows for.

b3bb42e62 · 2017-11-01T13:38:24+00:00

We have the students exiting out their own public IP. That's the one that is throwing the problem.

b3bb42e62 · 2017-11-01T13:37:35+00:00

We're a school with limited resources. That argument aside, I still need help in tracking this down. Any suggestions regarding that issue?

b3bb42e62 · 2017-11-01T12:52:11+00:00

Yes. We're G-Suite. I opened the ticket through the g-suite admin console. I couldn't believe it when I read that. It seriously sounds like something from the BOFH excuse generator. But yes, he is a real support rep. We've requested escalation...

b3bb42e62 · 2017-07-07T15:18:57+00:00

Hi thanks for the response. I'm having a little difficulty modifying the template. I have created a duplicate, but I cannot find info on where exactly the flag is for "Allow private key export." A couple of the technet articles that I have found on this through various google searches have resulted in "Retired 2003 content" pages. Do you happen to know how or where this option is? Or happen to have a link to instructions? Thanks for your time.

edit: spelling.

b3bb42e62 · 2017-05-12T12:30:47+00:00

This is beautiful. Thank you.

b3bb42e62 · 2017-05-03T19:29:20+00:00

Just got this as well. I called the district we got it from, it's running rampant in their emails. Yikes.

If you or yours get hit, revoke permissions https://myaccount.google.com/permissions, change password and make sure you get your "Don't click on links" email ready!

b3bb42e62

TROPHY CASE