375
submitted 1 year ago by Geert@lemmy.world to c/memes@lemmy.world
top 30 comments
sorted by: hot top controversial new old
[-] ogeist@lemmy.world 54 points 1 year ago* (last edited 1 year ago)

This happens when the password requirements are changed or the password database has been leaked.

I will let you know that I'm extremely fun at parties.

[-] NegativeInf@lemmy.world 12 points 1 year ago

You should have your own parties with more people like you. I'd go.

[-] psivchaz@reddthat.com 10 points 1 year ago

This also happens when your password manager, for example, generates you a 24 character password which the registration accepted just fine but the login form inexplicably has a limit of 20 characters which has happened to me multiple times somehow.

[-] Linssiili@sopuli.xyz 1 points 1 year ago

We have this issue in an internal tool at my workplace. My coworker is the only one who has long enough password and is too stubborn to change it, so they change the (client side) limit every time they log-in.

[-] Z3k3@lemmy.world 5 points 1 year ago

Omfg thank you.

Yes I use a password manager *now Kid me was a moron but it's nice to understand what caused this finally.

[-] trones@ythreektech.com 3 points 1 year ago

It also happens when the server side hash gets corrupted in the main password field, but not in the table containing previous hashes.

[-] GrabtharsHammer@lemmy.world 3 points 1 year ago

This also happens when the user types the correct password but does not notice the typo in the username.

[-] purplemonkeymad@programming.dev 2 points 1 year ago

It can also happen if you are using an old password. To prevent reuse of old passwords the hashes are remembered, if you attempt to reset the password to an old password you often get the exact same message.

[-] EmptySlime@lemmy.blahaj.zone 2 points 1 year ago

I forget what it was but something I had an account on for a time forced you to change your password every 6 months and prevented you from reusing any from the last 5 years. It was ridiculous.

[-] sock@lemmy.world 2 points 1 year ago

i don't like being in the world where solving peoples inconveniences that are easily solved is seen as bad

my friends are like noo let me just be angry and im like why its clearly pissing you off and 3 clicks will fix it

[-] spudwart@spudwart.com 2 points 1 year ago

Then it should just prompt you to change your password after login, not do this circular bullshit

[-] ogeist@lemmy.world 1 points 1 year ago

It would be a security risk if the database was leaked.

[-] someacnt@sopuli.xyz 2 points 1 year ago

..wait, so it means my password was leaked??

[-] ogeist@lemmy.world 1 points 1 year ago

It is a possibility, there are pages that scrape the dark web where you can check if your account and password are out there. But note that this means more information could be out there. This is not preventive it is informative.

[-] MystikIncarnate@lemmy.ca 1 points 1 year ago

yep, I'm a sysadmin and we do this to people. We'll invalidate their password by forcing a password change, but if you miss the password change window (it's usually timelocked), their existing password will become invalid, and they'll need to call us to have it reset, then they try to change it back to what it was but password history is on, so they can't use any of the last x passwords (usually 3, but it can vary); and it's interesting to watch them struggle to set a password that complies with complexity, length and history requirements. It usually takes 5-10 attempts before they find one that works.

As a sysadmin: no, I don't know what your password is, they're all hashed and salted on the back end. No, I don't want to know what your password is, I don't care, I can reset it at any time and override the locks we have on your files that only allow you to see your own data, and gain access to pretty much anything at any time. I have my own set of credentials that are admin level and I can do whatever I want with that. Related, unless asked, I don't do anything regarding your data, since I'm too busy to bother snooping through whatever you have saved; this is also a moral and ethical problem, and can lead to me being dismissed if I do it without just cause. The only people with the authority to ask me to do that are basically the executives of the company and the police. Short of you being investigated for something you've done wrong on the systems I manage on behalf of a company, your data is private, with a very high level of probability that the privacy of your data will never be compromised unless you depart the company as an employee, in which case your email is probably going to get transferred to someone else, and/or your data will be exposed to find any relevant notes/files for ongoing projects that you were assigned.

Long story short: don't do sketchy/illegal shit on work computers/systems. The systems are not yours and the data on them is entirely the property of your employer, regardless of how it ended up on the system. I get that you want pictures of your grandchildren or favorite pet as your desktop wallpaper, but you're handing them rights to use those images if you put those files on your work computer. It's EXTREMELY RARE that someone's personal photos will be used for any reason, even if they're found on a work system, but it's not impossible. Let work be separate from your personal, and just leave the system as-is. Do your work and go home. If you really feel the need to have such photos, go to a photolab and print them off, put them in a frame and place them at your desk; that's considered a personal effect and such items are still your belongings, and the company cannot take possession of them whether you work there or not. Don't sign into personal email or accounts during work time, if you must, use incognito or private browsing, or be a normal, sane person and just use your personal cellphone.

[-] ogeist@lemmy.world 2 points 1 year ago

Oof I have colleagues that use the company phone as their personal and will not buy their own.

[-] MystikIncarnate@lemmy.ca 1 points 1 year ago

Classic mistake.

[-] RememberTheApollo_@lemmy.world 16 points 1 year ago* (last edited 1 year ago)

Fuuuuhk this.

That’s right up there with trying to login…

Username incorrect…

Retrieve username

There is no account associated with this email…

make new account

“This email address is already associated with another account”

WTF.

[-] StereoTrespasser@lemmy.world 4 points 1 year ago

I can't tell you how many times this has happened. Each time I lean back in my chair and wonder why software developers are so full of themselves.

[-] Mr_Fish@lemmy.world 15 points 1 year ago

Pro tip: don't use the same password everywhere, use a password manager.

[-] sagrotan@lemmy.world 6 points 1 year ago

KeePass is my brother, self-hosting is his game

[-] SirBucksworth@lemmy.world 1 points 1 year ago

Even with a password Manager it happens to me. But only on twitter. Elon f*cked even the login process!

[-] Forester@yiffit.net 0 points 1 year ago

Pro tip you can bitlocker any spreadsheet

[-] Chais@sh.itjust.works 3 points 1 year ago

Or you can use an actual password manager, so you don't have to copy and paste user and password manually and also get support for TOTP. And handy tools like a password generator.
Spreadsheets are just a woefully inadequate tool to manage your passwords.

[-] BigBlackCockroach@lemmy.world 8 points 1 year ago* (last edited 1 year ago)

the most popular passwords are: 123456 and letmein

If you use "incorrect" they will never see it coming.

If they have 2FA then yes use the same password. If not heeeeeeeeeellllllllllll no.

[-] AgentGrimstone@lemmy.world 2 points 1 year ago
[-] DestroyerOfWorlds@sh.itjust.works 1 points 1 year ago* (last edited 1 year ago)

why is that guy standing under a weird nipple?

[-] SpaceNoodle@lemmy.world 7 points 1 year ago

TIL nipples are just smoke detector mounts

[-] starman2112@sh.itjust.works 1 points 1 year ago* (last edited 1 year ago)

When what you typed was hinter2, hynter2, huntet2

Why I always click the lil 👁️ button

this post was submitted on 03 Nov 2023
375 points (93.1% liked)

memes

10173 readers
2119 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

Sister communities

founded 1 year ago
MODERATORS