• Landless2029@lemmy.world
    3·
    1 month ago

    Never have this problem anymore with a password keeper. All new passwords are unique.

    What REALLY pisses me off is when:

    • register for account
    • cannot register, account already exists
    • password reset
    • account not found
    • Serinus@lemmy.world
      2·
      30 days ago

      I absolutely do. It’s not that the password was wrong. It’s that they wanted to invalidate all existing passwords and make you change it.

      The easiest way to do that is for them to force everyone through the “forgot password” workflow. Zero or minimal code changes. They don’t want to make a new, but very similar , “we had a security breach and are requiring you to change your password” workflow. They just don’t care that they’re blaming you for their problem.

    • Vanilla_PuddinFudge@infosec.pubEnglish
      1·
      30 days ago

      We require our users use a password that is in between 8 and 14 characters, contains more than 2, but not exceeding 4 special characters, and at least 3 uppercase letters, 3 numbers with 0 repeating digits.

      Generator: “…fuck you?”

      • Elgenzay@lemmy.ml
        0·
        30 days ago

        And while requiring special characters, they only allow some special characters. So you just turn off special characters in the generator and then add an exclamation mark at the end

  • orca@orcas.enjoying.yachts
    2·
    30 days ago

    Here’s my recent favorite:

    • Try to log into site
    • Tells me my password is wrong… uhh okay
    • Try to reset password by auto-filling a new one from my password manager
    • New password set successfully! Yay!
    • Try to login again… fail. Wrong password… fucking what…?
    • Realize that their password field was clipping the password length off at some max length not fucking mentioned anywhere, so I have no clue what the actual password is without trial-and-erroring, which then results in an account lockout again

    I’m a programmer and this kind of blatant stupidity from massive companies pisses me off to no end. MAKE YOUR PASSWORD REQUIREMENTS CLEAR. MAKE YOUR UX CLEAR.

    • MisterFrog@lemmy.world
      0·
      30 days ago

      Maximum password lengths at anything below 64 characters grinds my gears.

      Signed up for a bank account once that limited you to 12 characters. 12. And you could only chose from like 4 special characters.

      No 2FA. No no. But the customer service agent pointed out they require you to also use a 6 digit second password!

      That’s a 18 digit password where 6 of them must be numbers.

      Absolute travesty.

  • Almacca@aussie.zoneEnglish
    1·
    30 days ago

    Fucking Spotify. Tried to reset my password - ‘There is no record of this email address’ Tried to make new account with same email - ‘You cannot create a new account with an existing email’ :|