Ladies and gentleman, I've done it.
Remove your hacker game trophies from your wall.
That nasty bug you fixed a couple of nights ago? Meh.
Your top devRant post? You'll delete it after reading this.
Every awesome accomplishment you can think of: it all means shit now.

>> I have SUCCESSFULLY changed my business Microsoft account password into something I can remember AND Microsoft accepted it in under an hour of trying!!!!! <<


FUCK YOU for giving me a max of 16 characters. DASB&(*(&G*HH*& for telling me every time my password is 100% strength and then after every submit tell me I have to change it AGAIN because it should be harder to guess. WUT?! It was 16 characters including a (capital) letter, number and multiple special characters, WHAT ELSE DO YOU WANT FROM ME?! UNICODE EMOJI'S???!!! ALLOW ME TO USE MORE CHARACTERS SO I WILL MAKE IT HARDER TO GUESS IT, IT'S 2018 FFS.
I don't even understand why my new password is accepted compared to the other one, but fuck it I can access my account again.
Now I might have to find a new job before the company password policy kicks in again.

/me drops everything and walks out of the office to get wasted (not sure if celebrating or just really pissed off)

  • 12
    Empathy. All sites need to adopt the "xkcd standard":

  • 5
    I say every website should adopt a new policy - disregard any and all password inputs on the first login attempt and always return "Incorrect login or password".
  • 6
    @theKarlisK interesting. Seems like randomly doing that would be better (in terms of security), because if it became the standard to fail the first attempt, hackers would just ignore the first attempt. Then we've gained nothing except a worse user experience.
  • 2
    @duckWit true - random it is then. Also, the first login attempt after the last unsuccessful login attempt is handled this way as well.
  • 1
    @duckWit and if you also make it randomly login its even safer,so when hackers get access to your account they might not have got the correct password
  • 1
    If everything adopted two-factor authentication, password complexity rules wouldn't need so much focus and randomly failing legitimate login attempts would be pointless.
  • 1
    Would have +=100 if possible.. 👏👏👏
  • 0
    Now that you have access to your account, you can delete it :)
  • 0
    Well technically the login attempts dont matter much because the crackers will play around with the password hashes not actually try and guess on the wesbite.@duckWit
Add Comment