hunter2
I am so sick of this joke. Under every single post related to passwords, there’s always someone coming in the comments saying ******* like you just did.
Ah, good, you still can’t see my password 👍
Ah, good, you still can’t see my password 👍
Im not sick of the joke. Keep it going!
^Password must be 12 characters long and contain lower and upper case letters, a number, a special character, your mum, a solution to the Middle Eastern crisis, the last digit of pie and god’s middle name^
In case you never saw it when it first came out: https://neal.fun/password-game/
2MumSolution
It satisfies all of them, if you don’t understand that’s a you problem
aA1!:-)atheism2.71828Humberto
Error. Password must be 12-31 characters and contain all of the following:
- A lowercase letter
- An uppercase letter
- A numeric digit
- At least one but no more than two special characters
It must also not contain any of the following:
- More than three repeating characters
- Your first or last name
- An email address
- The last four digits of your SSN
- Your birth year
- The website name
- An undiscovered prime
- More than 80% of your previous password
I like testing websites maximum length. I’ll set bitwarden random generator to like 100 and see if it accepts the password. After that I start testing if it’s actually using the whole password or arbitrarily cutting it off early without telling me
i have totally run into stuff that silently truncates the password i give it. It’s always something like online banking that you would hope has robust enough security standards to hash that shit, too… The one in particular i’m thinking of silently truncated the password in the reset-password form, but not for the log-in form. Took me forever to figure out wtf was going on there.
I’ve had this before as well; Very annoying.
Banks are world class leaders in technical inertia. Almost certainly at some point when they’re designing their system they’ve got a interface from the 1970s or maybe even the 1980s if it’s a new bank, that has to work with everything else which has the limited input fields. And that just propagates to all the other systems in these weird ways
Oh yeah we’re using a file system that integrates over LDAT but it only looks at the first eight characters cuz the rest are used for the domain etc etc etc
Banks are still doing SMS-based 2FA. And after doing some security training at work written by the FBI and seeing it suggest switching letters/numbers around to make a password “more secure” (like
th15); I’ve completely lost confidence in banks’ security standards.
“Password is too long” when it’s like, 16 characters 😒
Real people use EICAR test strings for passwords.
I’m a password psychopath.
I use cyber chef.
I love cyber chef
i embed the backspace character into mine
**** **** **** 2231.com
Just to all out fuck with them
Just do the correcthorsebatterystaple method from xkcd.
giantblueconifercaddy
Make shit up. Add special characters at the end, and capitalize the first letter, as needed.
deleted by creator
This isn’t great advice because dictionary attacks exist. Password crackers are smart enough to replace letters/numbers switched around too; at least that was the case back in 2009 when I cracked ~20 passwords in half a second.
On sites that let me do this I might just try this trick lol
Hacknet
