>your new password is too similar to a previous password.
>>60341149
Don't be afraid, *maybe* they just edit your new password a thousand of different ways and compare the edits with your old hashes :^)
>>60341149
Well, if you input your previous password along with the new one, the error message is appropriate and does not imply any security holes.
>>60341149
There's a big, important difference between "similar to" and "identical"
Some things keep the *hash* of old passwords, to keep you from circumventing forced changes by rotating identical ones. This isn't inherently insecure unless you use those old passwords elsewhere AND the database is compromised
>>60341224
It literally says too similar in the OP, dumbass.
>forget password
>click reset link, enter username and email
>Thanks, your password has been emailed to you
>make account
>error: your password must be between 6-10 characters and may only consist of letters and numbers
>Please enter the chinese alphabet in reverse order to prove you're not a robot
>>60341210
You where right, I changed my password to something random and then tried again.
I feel stupid now.
god fucking damnit humans, why r u so dum
to hell with realization
>>60341149
>all of my passwords have the same length