One of the best rants I found on the web 😂

Comments
  • 2
    Very Funny :D :D
  • 3
    And a haiku
  • 5
    Can't stress how important a good password is though, too often I find passwords that could be guessed or cracked in under 5 minutes.
  • 5
    And be between 6 and 8 characters! 😈
  • 2
    @Letmecode I'd integrate that into my applications but can't find any really good solutions yet. Do you have tips?
  • 1
    @linuxxx there's a few ways that you can do that now: email like letmecode is talking about, Authy onetouch (not really what it's made for), OAuth, or YubiKey token are the ways I thought about it. But generally you can take the 2nd part of two-factor and get rid of the password to do passwordless auth, just remember to think about the downfalls for each type. Email based - if their email is compromised there's no second way to protect an account. Authy oneclick - is pretty good, besides your client might get random requests if they are getting hit, probably should put a rate limiter and make sure bots have a hard time entering an email in this case. OAuth - same as email but with Facebook, Google+, etc. If what they have linked is hacked, no extra protection. YubiKey - requires hardware and is primarily security worker based
  • 2
    You know what is worse though. When a service has a password max length less than 15 characters and does not allow special characters. I want to have a strong password, but nooo your stupidity/naivety won't allow me. However the worst has to be what PayPal was doing for years, not allowing you to copy your password from a password manager. I am sitting there wondering why the fuck am I being punished for using a long nonsensical password, which "can't" be cracked? Straight up stopped using PayPal, no way in hell I am typing a 19 character long password every time, which looks like @:~MГw9-... Yeah no thanks
  • 1
    @cornyg Copying passwords from a password manager to the PayPal site works now, but if your password is longer than 15 chars you can't log in afterwards. That's especially nice if you changed your password and now you are wondering why the fuck you can't log in to PayPal anymore when you are using the exact same password from the password manager
  • 1
    My favorite: your password must contain no more than twelve characters (my bank). Are you fucking kidding me? An R9 390 can crack a 12 character hash in a couple of hours
  • 1
    And a dragon word #elderscrolls LoL
  • 1
    Bet if you use 'beefstew' as password it will say that your password isn't stroganoff