Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
God fucking hell how stupid can someone be? Does the json-response contain the user by any change?
DSGVO that fucker!
Is this "already been used" on your account? Or globally?
I just tested it. Several very bad things in terms of security:
- They impose password character requirements, which is a no-no.
- They impose a password maximum length, which is a no-no from a UX position as well as an indication they are not handling passwords securely at all.
- They check the validity of an email address prior to signing up, which is poor UX and very unreliable in practice (especially for privacy-minded email services).
- Their form is incredibly buggy, making it really easy to get into a broken state that can only be fixed after a refresh.
Cut-rate developers it seems like. Don't put any valuable information into that site, I can't imagine it being secure.
Ranchonyx704614dNEIN STOP BITTE NICHT
Lensflare203013dBesides telling that some user has already the same password, why do they even do such a check?
I don't get it. What are they thinking? Is it insecure to have a password that is already used by someone else?
I’d really like to know their reasoning.
Unless, of course, it has some technical reason like the password is an ID for something... this gets more and more weird the more you think about it.