1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads/AI Slop
No advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.
A collection of some classic Lemmy memes for your enjoyment
Even worse the silent invalidation of a correct password.
Use password manager.
Can't log in, because "password is incorrect"... Fuck you! It is not! I copied in the same fucking thing as months before! If you want to force me to change it then say it! Asshole!
sorry, but your new password cannot be the same as your current one.
isFirstSuccessfulLoginAttempt
Important distinction.
Yeah, as it is it only works if the brute force algorithm gets it on the first try.
Or the variables are terribly named
Boho sort is O(1) in the best case scenario
i guess you mean bogo sort? just verifying that output is sorted requires O(n). In Quantum bogo sort, you can skip verification.
Yeah, stupid autocorrect. And verifying ain’t the same as doing. I’ll come in, I’ll “sort” your data, and I’ll do it damn fast. You want verification that’s extra!
but how do you know you are done. maybe there are different ideas of what bogo sort is, but as i remember, it is basically a while true (or while false loop) with condition - while list_is_not_sorted { return_a_random_ordering }
Yeah but I said in the best case. In the best case, your randomization is correct so you don’t need to check it
At least make it if !isPasswordCorrect || isFirstTry
guard isFirstAttempt { return LoginError(); }
I swear Microsoft does that.
Center guy's hair got visibly lighter from the stress
The only part that works is that I get to keep my trust issues.
How does this 'kinda work'?
It rejects the first [correct] login attempt (it’s worded poorly). It assumes that a brute force attacker will try any given password once and move on, while a human user will think they made a typo and try again. This works until the attacker realizes that it takes two attempts, in which case it merely doubles the attempts required to breach the account, and simply requiring an additional password character would be vastly more effective.
What a shitty user experience for regular users.
which is why they made a comic instead of a revolutionary thought leading blog post
Hey now, I'm sure there's someone on LinkedIn suggesting this exact thing with layers of corporate speak.
It doesn't. Cracking programs don't use the user login form repeatedly. They use the same algorithm that creates the publicly encoded password to generate encoded passwords and keep going until they have a match. Besides getting the encoded password and salt, everything is done offline.
This just creates a really bad user experience.
If they actually use the real login form, most websites block an account after X attempts. Sometimes for 1-24 hours, sometimes until you do a PW reset