>type in password wrong by 1 character >it works

File: 1495881272360.png (28KB, 612x476px) Image search: [Google]

28KB, 612x476px

>type in password
>already taken by another user

>>60927952
Is this real?

Kek which website was this?
That's some lax password checking.
Likely they just trim your password down to 8 characters or whatever and then just use that
I recommend testing to see what level of error tolerance is allowed to hone your password attacks.

>>60927959
Yes, they even stored the passwords in plaintext.

>>60927959
no and if you have to ask that you probably should go to the place where that pic was taken

File: 1496238100145.jpg (277KB, 960x929px) Image search: [Google]

277KB, 960x929px

>>60927921
>not sure if you accidentally hit an extra key while typing password
>delete and retype it all again

>>60929502
This happens to me all the time.

>>60929502
I did this too, but I started doing this real life mini game where I try to save by incorrect typing by 'guessing' what exactly went wrong.
After some time I got pretty good at noticing when and how muscle memory fucked up.

File: ragetears.jpg (53KB, 396x282px) Image search: [Google]

53KB, 396x282px

>make memorable strong unique password
>YOU MUST MIX CASE
>make mixed case strong unique password
>YOU MUST HAVE A NUMBER
>make mixed case numeric password
>YOU MUST HAVE A SPECIAL CHARACTER
>add ½ to end
>YOU MUST HAVE A SPECIAL CHARACTER !@#$%^&*( or )
ARE YOU FUCKING KIDDING ME WHAT KIND OF CANDY ASS SHIT IS THIS
>wind up with weak ass password that is so fucked up it's impossible to remember

This shit makes me fucking rage like an autist who's peanut butter was taken away.

>>60929827
I usually do something like
>PASSW0rd!google

A password which fits 99% of website requirements + url or shortened name.

>>60929827
Use a password manager.

the ones that cut off your password without telling you are the worst.
it ends up being a hard limit in their requirements and you end up getting frustrated when you keep resetting it until you figure out what is going on.

>>60929827
I always use a terrible password on purpose on those sites
passwordA1!

File: 1420907173150.jpg (7KB, 274x184px) Image search: [Google]

7KB, 274x184px

>>60929867
yeah that's fucking safe. about as safe as my MIL who has a 10 year old sheet of notebook paper with every password written down with the website. it's fucking brilliant as long as nobody sits down at your computer.

>>60929863
That's a little obvious, I mean if your reddit password PASSW0rd!reddit gets compromised it's pretty obvious your password for, say, steam is PASSW0rd!steam

But what really makes me mad is changing case, a single number and using "special characters" aka SHIFT+number does fucking nothing for security- in fact it reduces it because it eliminates whole sets of possible passwords (anything without those exact features). I stopped using L33t passwords in 1999, it's so maddening that middle aged programming managers have started forcing millenials to write h4X0r password requirements from the 90s.

>>60930011
right but who can remember which terrible password you used? and passwordA1! isn't any harder to crack than L33th4Xor@#

>>60930042
idiot

>>60927921
I think I know that feel, but it probably didn't happen in reality. I sometimes get sloppy right at the end of the password and it feels like I hit \ right before enter but it goes through anyway

File: file.png (13KB, 471x216px) Image search: [Google]

13KB, 471x216px

>>60930129
retard

>>60929827
>Have literal brain damage and cant come up with methods of remembering things
I'd be annoyed too.

>>60927981
>>60928043
i don't know what to believe

>>60930042
You are right but I don't think that I'm important enough for anyone to find out.
I don't care about my reddit account desu, I only comment on memes or ask specific shit on askscience. My banking account has a unique login and so does my mail account for sites that actually have real information about me.
If someone compromised my login I would find out since I get mails when I login from my work pc for almost all important sites.
If I say I have nothing to hide I don't mean that the government is free to spy on me, it means that ever bit of remotely relevant information is behind above average security measures already. The rest is scraps you can use for ad purposes at best.

>>60930042
Also, changing cases or using haxxor language is simply to fit the requirements AND remember it.
I agree that the requirement itself is stupid but pls don't criticise me because I place them where it's somewhat easy to remember.

File: millenial.png (683KB, 561x653px) Image search: [Google]

683KB, 561x653px

>>60930381
oh I'm sorry

>>60930407
I'm not offended, I just say that replacing o with 0 is easier to remember than placing random numbers afterwards. Or replacing 1 with ! to get the special character requirement.

>>60930042
>it's fucking brilliant as long as nobody sits down at your computer.
What?

>be me
>use password manager
>someone sits down at my computer
>none of the passwords are saved in the browser, there are no plaintext files, no post-it notes or notebook paper, instead they're all in the (encrypted) database they have no access to
>none of them are easily guessable either regardless of how much information about me the attacker has, because they all consist of like 30+ random characters and except for the most important ones I don't even know them myself
Ok so what does this person sitting down at my computer do next to get at my passwords?

>>60930239
believe in reddits incompetence

>>60931365
Threatens to put you in jail for contempt of court until you tell the passwords

>>60931422
I don't see how the password manager affects that.

Sure if you've got them all in your head you could claim you forgot them, but you can just as easily claim you forgot your master password with the same result.

>>60927952
Lost

>>60931448
No, you don't understand.

You get to stay in jail until you cough up the passwords and if you never do, oh well. Enjoy your life in prison.

This is how the law works in >70% of the world

File: 1395368292964s.jpg (3KB, 89x125px) Image search: [Google]

3KB, 89x125px

>>60929827
>your password may not be more than 8 characters

>>60931483
I STILL don't understand how a password manager affects that. If that's how the law works, then it's going to work that way even if you aren't using a password manager.

>Use the password I've used for every service since I was very young
>Service has some sort of arbitrary requirement it does not meet
>Have to make a longer bastardization of the password to meet the requirement
>Have 5 or 6 versions of the same password in my head and often have to just try them all

>>60927921
maybe they randomly add an optional pepper and you happened to guess it by pure chance

>>60931483
Not in 1st world countries, where you're considered innocent until proven guilty.

>>60931559
I used to have this, then the number of passwords outgrew my capacity to reliably remember them (or in some cases outgrew the number of allowed attempts before the login throws a memefit) so I switched over to a password manager.

Would recommend, although make absolutely sure it's non-botnet before adding your passwords to it (by definition this already takes online managers out of the equation, do your research from there).

File: 1437633372541.jpg (159KB, 805x1024px) Image search: [Google]

159KB, 805x1024px

>password must be between 8 and 16 characters

>>60930239
Holy shit you're the dumbest person I've met this week. Congratulations.

>Password is supposed to be something only you know
>The company also knows it
bullshit

>>60931761
Dumb for asking a simple question. Makes sense.

I'm sure you get along great with your coworkers.

>>60931483
You must be a special kind of stupid.

>>60931877
red dit

>Company contacts you asking for your password
>Red flags come up because you know that companies should never ask people for their passwords
>It's real
>The company actually lost the database associating users with their passwords and has to ask people to put it back together
has this ever happened?

>>60932171
cock.li after the germans confiscated the hard drives

>>60927921

>things that didn't happen
>the post

You really don't understand how it works, do you?

>>60932427
Wait did they do that? Honestly it's fucky enough (no password reset, for instance) that it sounds like something they might have done.

>>60931761
>>60931913
>getting mad at somone for not knowing enough about redit
>calling him dumb
>saying he needs to go back to redit

Take your own advice and fuck off, would you?

>>60932440
Then how did it happen to me 5 hours ago? Checkmate

File: Screen Shot 2017-06-16 at 4.36.51 PM.png (19KB, 882x31px) Image search: [Google]

19KB, 882x31px

>your password may not be more than 307200 characters

What the fuck is this insecure bullshit

>>60927977
judging by the font I'd say it's reddit

>>60932527
I wonder if they have server-side validation for that.

>>60929827
I use a generated tripcode as a password

>>60932799
Hmm
>get stupidly easy to remember password
>use site name/identifier as salt
>hash to get the actual password

Assuming practically nobody else uses a scheme like this so attackers don't bother targeting their attacks for it, you get:
>immune to dictionary attacks
>a site breach doesn't lead to your other passwords being compromised unless the attacker bothers to break your hash, but why would they ever waste time doing that
>stupidly easy to remember
>no need for password managers or similar storage
>can be used for any number of sites
>requirement is that the machine you're on has a convenient hash function

That last requirement might be annoying if you're on windows or something, which I don't think has an easy built-in way to hash things so you'd have to go through the hassle of installing something like that if you want to login on a friend's computer. Most linux installations come with packages that let you hash things, and you can also install one on your phone (and you don't usually use other people's phones so the windows argument doesn't apply here).

Another way to put it is that you'd hash the site name using an easy to remember pepper. What could go wrong? No, seriously, is there any reason not to do this?

File: Screen Shot 2017-06-16 at 5.17.07 PM.png (9KB, 550x23px) Image search: [Google]

9KB, 550x23px

>>60932660

>>60927977
>he's pretending he doesn't know
Just go back there and never return

>>60931737
Anybody found her yet?

>hotmail
>huge secure password from 2003

>fast forward a decade, Microsoft change password system
>passwords now have a max size
>enter password
>password field doesn't terminate at the limit
>incorrect password
>try again, this time counting out the characters up to the limit
>incorrect password still

>contact them to get it fixed
>give them evidence of folders and some mail
>lol nope

Gee thanks Microsoft. Die 50 million times.
Not that it mattered. I only used that shit thing for MSN and some shitty gaming forums back in my early teens.
If Google did it, the e-mail I actually use, oh boy they'd be sued to the ends of the Earth.