Rant
Why do shithead clients think they can walk away without paying us once we deliver the project !!!

So, here goes nothing..
Got an online gig to create a dashboard.
Since i had to deal with a lot of shitheads in the past, I told them my rules were simple, 20% advance, 40% on 50% completion and 40% after i complete and send them proof of completion. Once i receive the payment in full, only then i will hand over the code.
They said it was fine and paid 20%.
I got the next 40% also without any effort but they said they also needed me to deploy the code on their AWS account, and they were ready to pay extra for it, so i agreed.
I complete the whole project and sent them the screenshots, asking for the remaining 40% payment. They rejected the request saying my work was not complete as i had not deployed on AWS yet. After a couple of more such exchanges, i agreed to setup their account before the payment. But i could sense something fishy, so i did everything on their AWS account, except registered the domain from my account and set up everything. Once i inform them that its done and ask for the remaining payment.
The reply i got was LOL.
I tried to login to the AWS account, only to find password had been changed.
Database access revoked.
Even my admin account on the app had been removed. Thinking that they have been successful, they even published ads about thier NEW dashboard to their customers.
I sent them a final mail with warning ending with a middle finger emoji. 24 hours later,
I created a github page with the text " This website has been siezed by the government as the owner is found accused in fraud" and redirected the domain to it. Got an apology mail from them 2 hours later begging me to restore the website. i asked for an extra 10% penalty apart from the remaining payment. After i got paid, set an auto-reply of LOL to thier emails and chilled for a week before restoring the domain back to normal.
Dev : 1
Shithead Client: 0

Manager: Hurry up and login, I don’t have all day

Dev: One sec I have to lookup my password for the system

Manager: How can you not remember your password? Everything requires it these days

Dev: I use a different password for each service.

Manager: Wow you really like to overcomplicate things. Just use the same one for everything like I do, it’s way more efficient!

Dev: …

Dev: What do you think of the new version of the app?

Client: It’s great! We just have a couple notes of feedback we are working on compiling. We should have those to you by next week.

*Next week*

Client: We need another week to compile all of this feed back we are generating

*Another week goes by*

Client: Still working on it, it’s going to be a really thorough review when you get it though. No stone will be left unturned!

*2 weeks later*

Client: Here it is!

Attached: A word document with a single line of text “can’t nobody log in” next to a picture of the login screen with a red circle drawn around the login button

Client: Can you hurry up and action our feedback? We want to go live next week

Dev: …

An intern I was supposed to lead (as an intern) and work with. Which sounded kinda crazy to me, but also fun so I rolled with it. But when I met her I quickly found out she didn't even have a coding editor installed and when I advised one she was "scared of virusses". She had Microsoft Edge in her toolbar, and some picture of a cat as a background. We were given some project by our boss, and a freelance programmer helped us set it up on Trello. Great, lets start! Oke maybe first some R&D, she had to reaeach how to use the Twilio API. After catching her on WhatsApp a few times I realised this wasnt gonna go anywere. After a few weeks of coding and posting a initial project to git I asked her if she could show me the code of the API she made so far..

She told me she was using the quickstart guide (the last 3 FUCKING weeks) which contained some test project with specific use cases.

The one that I did 3 weeks ago that same fucking morning.

AND SHE WAS STILL NOT DONE...

A few days later I asked her about the progress (strangly, I wasn't allowed ti give her another task bcs the freelanc already did) and guess what... She got fking pissed at me

Her: "I will come to you when im done, ok?"
Me: "I just want to see how it is going so far and if you are running into any problems!"
Her: "I dont want to show you right now"

She then goes to my fucking boss to tell him I am bothering her.

And omg... Please dear god please kill me now...

Instead of him saying the she probably didn't do shit. He says to me that the girl thinks im looking down on her and she needs a stress free environment to work in. She will show me when its done. ITS A FUCKING QUICKSTART GUIDE YOU DUMB BITCH.

He then procceeded to whine to me about the email template (another project I do at the same time) which didn't look perfect in all of his clients.

Dont they understand that I am not a frontend developer? Can you stop please? I know nothing about email templates, I told you this!!!

Really... the whole fucking internship the only thing the girl did was ask people if they want more tea. Then she starts cleaning the windows, talk to people for an hour, or clean everyone's dask.

all this while I already made 50% of the fucking product and she just finished the quickstart tutorial 😭. Truly 2 months wasted, and the worse thing is I didn't get any apprication. They constantly blamed me and whined at me. Sometimes for being 3 minutes late, the other for smoking too much, or because I drink to much coffee, or that I dont eat healthy. They even forced me to play Ping Pong. While im just trying to do my job. One of the worst things they got mad at me for if when my laptop got hacked bcs it was infected with some virus. He had remote access and bought 5 iPhones 6's with my paypal while I was on break. I had to go home and quickly reset all my passwords and make sure the iPhones wouldnt get delivered. strange this was, this laptop I only used at the company. So it must have been software I had to download there. Probably phpstorm (torrent). Bcs nobody would give me a license. And the freelancer said I * have to *.

the monday after I still had to reinstall windows so I called them and said I would be late. when I came they were so disrepectfull and didn't understand anything. It went a little like this:

Boss: why u late?
Me: had to reinstall my laptop, sorry.
Boss: why didnt you do this in your own time?
Me: well, I didn't have any time.
Boss: cant you do this in the weekend or something? Because now we have to pay you several hours bcs you downloaded something at home.

Me: I am only using this laptop for work so thats not possible.

Boss: how can that even be possible? You are not doing anything at home with your laptop? Is that why you never do anything at home?

Me: uhm, I have desktop computer you know. Its much faster. And I also need to rest sometimes. Areeb (freelancer) told me to torrent the software. He gave me the link. 2 days later this happends

Boss: Ahh okeee I see.. Well dont let it happen again.

After that nobody at the compamy trusted me with anything computer related. Yes it was my own fault I downloaded a virus but it can happen to anyone. After that I never used Windows again btw, also no more auto login apps.

Sometimes I feel I'm the live version of stack overflow for my family and friends...
Mom: The printer is acting up, how do I fix it?
Brother: I can't login to Netflix, help!
Grandparents: could you fix the radio/TV?
Gf: Apple can't validate my .uk mail

All to which I replied with the answer to life, the universe and everything...

FUCKING GOOGLE IT! Have you googled it?!

And the inevitable reply: no.

The only ones who get a free pass are my grandparents they were born in the 40's and think YouTube works on voodoo.

In the darkest of days, I discovered how to remote login to my computer at work through the company vpn. I then proceeded to work overtime at night in secret for a week or so, writing documentation and refactoring code.

I finally woke the fuck up and realized that I shouldn't be obsessing over proprietary codebases that do not belong to me, and I should put this misguided energy into my own projects.

So yeah, as a bad dev habit I'm working on fixing, this fits the bill.

Yesterday,
I was a bit drunk.
But I wanted to improve security of the company. So, I went in Azure and activated “Security defaults” which forces MFA for all users in the company. (Because RH always forget to enable MFA for new employees, and I actually care about security)
Then I went in office 365 management and instead of resetting MFA for all users (Forcing everyone to redo MFA setup), I (by mistake) clicked on reset all passwords.
I tested my own account it was fine and went to sleep.
Got a call from CEO at 7am, all 30 employees cannot login in, cannot work.
What a shit show I made…
I have a call with CEO in about 2 hours, I don’t even know how to justify myself…
So children: don’t activate company wide options while drunk. Ever.

Worst hack/attack I had to deal with?

Worst, or funniest. A partnership with a Canadian company got turned upside down and our company decided to 'part ways' by simply not returning his phone calls/emails, etc. A big 'jerk move' IMO, but all I was responsible for was a web portal into our system (submitting orders, inventory, etc).

After the separation, I removed the login permissions, but the ex-partner system was set up to 'ping' our site for various updates and we were logging the failed login attempts, maybe 5 a day or so. Our network admin got tired of seeing that error in his logs and reached out to the VP (responsible for the 'break up') and requested he tell the partner their system is still trying to login and stop it. Couple of days later, we were getting random 300, 500, 1000 failed login attempts (causing automated emails to notify that there was a problem). The partner knew that we were likely getting alerted, and kept up the barage. When alerts get high enough, they are sent to the IT-VP, which gets a whole bunch of people involved.
VP-Marketing: "Why are you allowing them into our system?! Cut them off, NOW!"
Me: "I'm not letting them in, I'm stopping them, hence the login error."
VP-Marketing: "That jackass said he will keep trying to get into our system unless we pay him $10,000. Just turn those machines off!"
VP-IT : "We can't. They serve our other international partners."
<slams hand on table>
VP-Marketing: "I don't fucking believe this! How the fuck did you let this happen!?"
VP-IT: "Yes, you shouldn't have allowed the partner into our system to begin with. What are you going to do to fix this situation?"
Me: "Um, we've been testing for months already went live some time ago. I didn't know you defaulted on the contract until last week. 'Jake' is likely running a script. He'll get bored of doing that and in a couple of weeks, he'll stop. I say lets ignore him. This really a network problem, not a coding problem."
IT-MGR: "Now..now...lets not make excuses and point fingers. It's time to fix your code."
IT-VP: "I agree. We're not going to let anyone blackmail us. Make it happen."

So I figure out the partner's IP address, and hard-code the value in my service so it doesn't log the login failure (if IP = '10.50.etc and so on' major hack job). That worked for a couple of days, then (I suspect) the ISP re-assigned a new IP and the errors started up again.

After a few angry emails from the 'powers-that-be', our network admin stops by my desk.
D: "Dude, I'm sorry, I've been so busy. I just heard and I wished they had told me what was going on. I'm going to block his entire domain and send a request to the ISP to shut him down. This was my problem to fix, you should have never been involved."

After 'D' worked his mojo, the errors stopped.

Month later, 'D' gave me an update. He was still logging the traffic from the partner's system (the ISP wanted extensive logs to prove the customer was abusing their service) and like magic one day, it all stopped. ~2 weeks after the 'break up'.

The gym I go to has an app for user's to scan a QR code when they arrive and it has multiple HUGE issues.

This app shows the credit card info used for the direct debit without anything being redacted.

When the gym is signing up someone they give them a password so they can login, not too bad except the password is always the person's first name with the first letter capitalised.

This gets worse when you figure out that their is no way to change the password given to you AT ALL.

And just to top it all off, when you click the "Forgot Password" link on the login screen, the app just sends you an email with your password (your first name) in plain text.

The app also doesn't log you out or notify you if your login is used on a different device.

So I have tested this with 2 of my friends that go to the same gym and, with only knowing their email and first name (which I could have gotten from their email if I didn't know them), I can get into their app and see their credit card info without them being any the wiser.

Holy fuck nvidia. Why the fuck you want me to login to your fucking app in order to download a fucking driver. You also want me to click a fucking link that you sent to my email for verification on every fucking login? Why on earth someone would stole my fucking nvidia account? To see which drivers I use? What the fuck nvidia? Oh wait. DO YOU DARE ASK ME TO SETUP TWO FACTOR AUTH TO SECURE MY ACCOUNT?!? What the fuck? Even if I put my credentials online no one would care to login my fucking nvidia account. Just let me download my fucking driver!

Devs: Hey, what should we do?

A:
provide our SDKs for download as easily as possible so that any potential customer can try it out and see how much better we are compared to our competitors?

Or…
B:
Should we lock our SDKs behind a login where the customer needs to create an account and enter the most amount of private information possible, just in case, then also require to create some security access tokens that he needs to configure in his app to have access to our service via the sdk and also hide all of the documentation behind a login which requires some permission based roles to access and also make the sdks closed source so that it’s a pain in the ass to debug and understand?

Marketing people:
B! Definitely B! Make sure to piss off and annoy our customers as much as humanly possible!

For the love of god, I spent 2,5 hours debugging why Minecraft from the windows store doesn't work...

The game just shows a red message telling you it didn't work.

I checked the logs, nothing just warnings

I re-installed the game, nothing, same error

Updated java and all parts of the store, nothing....

Obviously I had to install Something called the "xbox identity Provider"... You know... On a PC... For a distinctly PC game to work... Installed by the store... And the provider is also on the store... But it doesn't auto-install with the game

Ever since you migrated to the Microsoft Auth the login experience is awful (I ranted about that already)

How about you do the bare fucking Minimum of an User experience and Install the fucking dependencies when I re-installed something your fucking store??!!!

The fucking bare minimum that every package manager ever created fucking has as a basic requirement?! Are you kidding me?

Rename your fucking services so they make sense and please don't waste everyone's time by having both shitty logs and no dep management for your own apps... Fucks sake

I created our login system to be secure and reliable.

One coworker hardcoded the roles a person who is logging in receives and built a backend to just assign roles you want. He pushed this to prod...

Yeah...

I was asked to look into a site I haven't actively developed since about 3-4 years. It should be a simple side-gig.
I was told this site has been actively developed by the person who came after me, and this person had a few other people help out as well.
The most daunting task in my head was to go through their changes and see why stuff is broken (I was told functionality had been removed, things were changed for the worse, etc etc).
I ssh into the machine and it works. For SOME reason I still have access, which is a good thing since there's literally nobody to ask for access at the moment.
I cd into the project, do a git remote get-url origin to see if they've changed the repo location. Doesn't work. There is no origin. It's "upstream" now. Ok, no biggie. git remote get-url upstream. Repo is still there. Good.
Just to check, see if there's anything untracked with git status. Nothing. Good.
What was the last thing that was worked on? git log --all --decorate --oneline --graph. Wait... Something about the commit message seems familiar. git log. .... This is *my* last commit message. The hell?
I open the repo in the browser, login with some credentials my browser had saved (again, good because I have no clue about the password). Repo hasn't gotten a commit since mine. That can't be right.
Check branches. Oh....Like a dozen new branches. Lots of commits with text that is really not helpful at all. Looks like they were trying to set up a pipeline and testing it out over and over again.
A lot of other changes including the deletion of a database config and schema changes. 0 tests. Doesn't seem like these changes were ever in production.
...
At least I don't have to rack my head trying to understand someone else's code but.... I might just have to throw everything that was done into the garbage. I'm not gonna be the one to push all these changes I don't know about to prod and see what breaks and what doesn't break
.
I feel bad for whoever worked on the codebase after me, because all their changes are now just a waste of time and space that will never be used.

1. our public transport added a free wifi to busses, some years ago already. it's got a "login" page, connect to wifi, get a phone notification, tap it, opens page with an ad and 10 second timer on a "click to continue to internet" button.
... okay.
recently, the geniuses decided to harvest mail addresses, which... *gritting teeth* if you must...
BUT... "please input your mail address". i input and submit.
"we have sent a mail with confirmation link to that address, please click the link to confirm to get access".

FUCKING BRAINZOMBIES, HOW DO YOU EXPECT ME TO ACCESS MY MAILBOX TO ACCESS INTERNET WITHOUT THE ACCESS TO INTERNET?

2. i had a second unrelated minirant, but i forgot what it was, so another one instead:
a long time ago, in a country where i live, the transaction slip the ATM gives you after withdrawing money used to contain info about remaining funds after withdrawal.
then, the info was removed from the slip, and a "feature" was added to atms where you "can" check the money on the account.
doing so costs you 0.50€

greedy asshole fuckers.

Fuck strict corporate software policies, just let me WORK (⁠╯⁠°⁠□⁠°⁠）⁠╯⁠︵⁠ ⁠┻⁠━⁠┻

When I came to this new workplace I was given a Windows laptop. And it came with a bunch of pre-installed corporate stuff and policies like automatic mandatory frequent driver and windows updates. Although I prefer linux, I thought, maybe I'll switch later, first let's see how everything works here, since on Windows I had all VPNs, certificates and other corpo stuff pre-configured out of the box. But imagine missing a standup, because of windows update in the morning. Or missing audio, because of drivers update in the middle of the meeting. And make it every week or so. Also, I couldn't not install my portable DAC drivers, because limited access, blah blah fuck me. And many other small things that I vaguely remember by now.
Later corpo decided to add a tracking plugin into a browser and that was it for me. Gladly, corpo policy allows using Linux (they have their own modified Ubuntu version), which has MUCH less of this crap. I mean, it's still somewhat managed by corpo (like I can't get rid of duplicated PPA, lol.. and sometimes I need to wait like 1-2 mins to login to my laptop because of login server timeout), but that's still better...

Linux, home, sweet home, I missed you <3

Also, I dodged the bullet. Win11 upgrade was a funny shit show to watch :D

Ok so our director decided to try out google work space
Plugs in our organizations domain and emails etc
trial then expires
we now cant access our emails
cant login
cant do shit

One thing every junior web developer learns is how to implement a login system.
They may not make it the most secure, but it works.
It boggles my mind how Microsoft still don't know how to make a login that works consistently.
Every Microsoft login page requires like 30 redirections to work.
The Teams app on my PC fails to login at least once a week, just because another Microsoft app is logged in using the same account (usually office), but Windows is not.
Microsoft needs to take it's head out of it's ass and BEG Google to teach them how to make a decent login system.

New name for the paper: The New Yor(login or subscribe to read the full name of the news website)

The knowledge base for fixing stupid shit in Windows 10 is abysmal. I had a slow login that seemed to be progressively worse. I had searched in the past about this. The suggestions ranged from getting an SSD to reinstalling Windows. None of them addressed the issue. I had removed some startup programs thinking that might be the issue. It was not. I finally found some obscure mention by some guy that said: delete the user temp folder. So I did that. Now it takes almost no time to login. I think the only delay is the steam stuff in the background.

Of course all the official Microsoft suggestions were total shit.

IHateForALiving: gentlemen, my unit tests are randomly falling. Sometimes the login procedure just fails for no apparent reason, did any of you encounter this problem?
The very fucking smart colleague®: DID YOU REMEMBER TO PLACE YOUR AUTHORIZATION HEADER

Of course
The authorization header.
To fucking log in.
Because you have to be logged in before you can log in.
That's the standard, of course.

Scrum master asks how I'm doing and how I'm finding the project I'm working with.

I complain about the lack of documentation and that it kills me (well, kills my brain with increased migraines) due to my Asperger's as I need CLEAR instructions and not ~something~ I need to piece together from asking from 5-10 different people who all know some minor part of the final answer.

"*You* could do the documentation, lankku, while you're figuring it out!"

Just...FML.

And the reason I was trying to find out this one thing related to a completely different repo I have never worked on was because I was trying to write documentation for something totally different that just needs a login redirect from this different repo. <.<

Just some random thoughts looking at the soon-to-be new filtering feature.

Wouldn't it be nice if DevRant had a QR login like WhatsApp for easy login on desktop?

What about a "top rants" on profiles?

Oh what about an activity mosaic like GitHub's commit timeline?

Just some thoughts I had while punching my punching bag, it can get tedious.

"I need the login credentials for the CMS service"

*sends the email confirmation email*

"No, I can't confirm your email for you. In plain English: send me the email and password to login."

"Ohhhhhhhhh"

Literally what the fuck is wrong with these people.

I swear we're all fucking doomed.

At the institute I did my PhD everyone had to take some role apart from research to keep the infrastructure running. My part was admin for the Linux workstations and supporting the admin of the calculation cluster we had (about 11 machines with 8 cores each... hot shit at the time).

At some point the university had some euros of budget left that had to be spent so the institute decided to buy a shiny new NAS system for the cluster.

I wasn't really involved with the stuff, I was just the replacement admin so everything was handled by the main admin.

A few months on and the cluster starts behaving ... weird. Huge CPU loads, lots of network traffic. No one really knows what's going on. At some point I discover a process on one of the compute nodes that apparently receives commands from an IRC server in the UK... OK code red, we've been hacked.

First thing we needed to find out was how they had broken in, so we looked at the logs of the compute nodes. There was nothing obvious, but the fact that each compute node had its own public IP address and was reachable from all over the world certainly didn't help.
A few hours of poking around not really knowing what I'm looking for, I resort to a TCPDUMP to find whether there is any actor on the network that I might have overlooked. And indeed I found an IP adress that I couldn't match with any of the machines.

Long story short: It was the new NAS box. Our main admin didn't care about the new box, because it was set up by an external company. The guy from the external company didn't care, because he thought he was working on a compute cluster that is sealed off behind some uber-restrictive firewall.

So our shiny new NAS system, filled to the brink with confidential research data, (and also as it turns out a lot of login credentials) was sitting there with its quaint little default config and a DHCP-assigned public IP adress, waiting for the next best rookie hacker to try U:admin/P:admin to take it over.

Looking back this could have gotten a lot worse and we were extremely lucky that these guys either didn't know what they had there or didn't care.

Question: What is the fuckiest fuckup?

A) That it turrned out our apps login does not work on Safari at all? Although Safari should be Webkit and App works fine on Chrome and Firefox for years and should be normal Angular stuff by the way?

B) That in three years appareantly nobody considered trying it out in Safari?

C) That I can not use the iPad I got from my employer because fucking AppleId is requiring a fucking Phone number.

Answer: all of them.

IT department of client still doesn't get its shit together. Previously, I've ranted that they insist I access their GitLab through a fucking RDP.

Me: requests an account to their Confluence space

Them: give me a Confluence account. Naturally, Confluence requests that I confirm my email. That needs to be confirmed in the inbox of my.name@theircompany.com. Mail servers hosted by Azure, using Outlook.

Me: ok, let's configure my Outlook, 2FA as they configured to demand it from me... install MS's authenticator app, ok so far so good... Now I'm ready to login and find that email from Confluence and... ERROR 500 INVALID LICENSE

Fucking hell. You just love your siloes so much you actually make it impossible to access it and feel good about my own good will.

I got a contract with this schools to build a student portal,

I do all the needful and the project whatever guy insists that I use their current shared hosting to host this MERN stack application.

first of all, cPanel is my least favorite place when it comes to deploying, I actually dont do deploying I just hand it over to whoever is the IT guy there.

I discovered there's no provision for nodejs in their current plan, I go through all the stress of contacting the shitty customer support and the process of squeezing out useful information from them.

I'm only doing this because the project whatever has refused to pay me until their site is deployed. throughout the process of creating this project I had setup continous deployment on heroku and netlify and I had to beg this guy to look at the changes and review them.

well, today I asked the former guy that built the current site for the login details to the schools dashboard on the hosting providers site and he says he used his personal details for it, according to him projects from other organizations are there too.

I swear I'm going to loose my shit, freelancing sucks

i was trying to check a purchase i made on the store's website, so i tried to login, but I can't?? like, i fill the form and press login, and it doesn't? log in??? what the actual fuck, how are you supposed to do anything like that. isn't the login page the first thing they make? how doesn't it work? how is this website still active??

Motherfuckers can't even create a simple login feature.

Lmao this promotion driven faggots are dominating the product thinking they'll commercialise it and earn profits.

Why is this hilarious? Because they are building this product for past 3 years and yet the login feature is not functioning.

Fuck the idiots yelling monopoly and use that that bullshit execues to justify a system should be changed after a couple of years by a new company.

Especially when its a new banking system that is so poorly developed due to a critical archichical design failture on the authorization layer, resulted in on when a lot of people login at once you had a chance to get someone else session informations instead of your own.

Just being so insecure in general. And dont get me started on how unstable the banking system infrastructure is.

But hey at least the it isnt a monopoly anymore by paying a new company a double digit million amount to develop a new banking system after a couple of years after the last system were developed.

I deployed one of our staging websites to a free plan because the site is rarely used. Project Manager sends the stakeholders the new url. There will be a lot of 🤦‍♀️🤦‍♂️🤦 all around. Some of it’s my fault. A lot of it is just WTF.

Stakeholder: We still need the staging site because we don’t want to test in the live site…

PM: Okay. We didn’t say we were deleting the site. We are just moving it to a new and better hosting platform, so we’re letting you know the url has changed.

Stakeholder: This url is for the front facing page. How do I access the backend? [they mean the admin interface]

Me: The only thing that’s changed is the url for the staging website. So domain-A/account is now domain-B/account.

I thought that was a pretty straightforward way of explaining things, that even a non technical person would get it. They took the /account example as the literal login url.

Stakeholder: I forgot the password for our admin login and I submitted a password reset, but I realize I don’t know if I have access to the admin email. Or if it’s even a real email account.

WTF

I look back at the email chain and I realize that I gave the PM the wrong url.

Also, WTF x 2. How did this stakeholder not realize they were looking at the wrong website?? There are definitely noticeable style and content differences. And why would you have an admin login that uses a fake email??

Me: My apologies. I sent over the incorrect url. My instructions are mostly the same. All that’s changed is the domain.

Stakeholder’s assistant: [DMs me] How do we access the backend?

WTF…are they seriously playing this game and demanding I type out the url for them?! 🤬 I’m not playing this game and I just copy and paste the example that I already sent over.

They figure it out eventually. Apparently, they never used /account to login before They used /admin/index… but that would still bring them to /account, but with ?redirect=/admin/index appended to the url if they weren’t logged in. Again, WTF.

I know I made mistakes in this whole thing, but damn. I can’t even. I’m pretty sure this whole incident is fueling my boss’s push to stop supporting this particular website anymore so I can focus on sites that actually bring in revenue…and have stakeholders that aren’t looney and condescending like this.

Nvidia. Why the fucking hell do I need to sign in to my Nvidia account to install drivers? I fucking hate your proprietary bullshit agenda!

Each time I login at GitHub and take
a look at featured repos, also when I realize the huge server destroyer bug it's just a misplaced line.
Sometimes I look at some repos and I'm scared to contribute...never contributed once.

When at School there was a hack that went around all the local schools that caused computers to shutdown as soon as it gets to the login screen.

Nothing gets on my nerve than microsoft. Just another day being a victim of fucking microsoft trash product called teams. All I wanted to do was login but no, this ass of a product has it's own shit things.

I gave a technical interview today and here is summary how it went . interviewer asked me to login to leetcode account then .

Interviewer :- "Open this problem( he gave link) and open submission section".

Me :- "Yes sir" I opened it and I have solved that in past .

Interviewer :- "okay so you have solved this one so let's move to next question(2nd)".

I opened it and again I have already solved that in past. Then he gave 3rd and it was also solved by me already .

Then he said " Okay now I will share with you this problem which you have not solved and I am sure ".

He gave me a hard problem which I actually haven't solved . I would have solved the first 3 , the 4th one was actually hard and I was not able to optimise my code on time .

sometimes life is really tough 😪. he could have asked anyone of them 😕.

"Please help, when I login as a client somehow the name gets updated to my name. Pls help, ai really don't know why"

How about you be careful and don't hit save to overwrite their names

Dear Microsoft,

I really like SQL Server, but my dbms (ssms) is like 2 years old, I installed it from a predownloaded exe we had.
Can you please let me download the update without asking me to register?
Everyday for the last years I had to see the update notification and resist the urge to click it and be prompted with a login page

Dearly, a Linux user who develops in .NET, sometimes

I'm in vacation in portugal and in the apartment the WLan has the default ssid. So i tried to login with the default credentials into the web panel. It worked... Now i have superuser access and can change everything i want...

I've got a kinda basic networking question I can't quite figure out

How does a push notification work?

Like, on an Android app. A good example is an authenticator. Say I don't login to the service for 4 months.

Then, one day, I try to log into the web portal and it prompts me to accept the request on my authenticator app on my phone.

Immediately, there's a push notification on my phone.

Wtf.

Is there a socket open for 4 months? Does it send requests every few seconds for 4 months? I can't imagine that either of these options scale whatsoever: both horrendously waste bandwidth and server connections.

How the fuck does it work? I don't even have the first idea.

How to reproduce:
- have a single login form for admins and ordinary users
- add a second button right next to 'login' which reads 'login as admin' in order to have a separate login for them
- release a new version of software with this change solely and changelog informing about it
- have customers admin tell you everybody is complaining about not being able to login with thwor admin accounts

Alright boys.. calling in my networking friends for help..

Recently switched my ISP and got a fibre optic installed (100Mbps).

Thr ISP provided a new TP-Link router which supports 5GHz as well as 2.4GHz.

Some of my devices support 5GHz and connect to that network which works flawlessly.

However, my phone does not support 5GHz and hence, have to connect on 2.4GHz.

Somehow, the main router as well as the access point, are not functioning well for 2.4GHz. Whenever the connection is established, it would work fine for a minute or two before the networks starts disconnecting.

Restart the device Wi-Fi and it works for few moments and the cycle repeats.

I am not sure of what is causing this issue.

For the records, the access point is an old D-Link router. Why I mention this? Because funnily whenever the access point cable is plugged into the main router and I login to the router, the system logs me into the access point router (D-Link instead of TP-Link).

Can someone please help me resolve this issue?

Fun fact: The D-Link was a giveaway by one of my dR friends @Bigus-Dickus

TL;DR - Coding standards are a shit practice IMO.

What we don't talk about enough among software engineers, is the artistic aspect of the craft of writing code.

For example, consider your client saying this to you.

"Build me a web app where a user will login. They will have a wallet to purchase subscriptions of 3 products of different prices."

Give these two statements to say, 10 devs and see how each of them will come up with their own vision of the problem and how they would implement it in their own ways.

So now you are working on a big team with say 30 people and you have a big project to work on. Different members of the team bring different styles of code to you to review and if, the Team Leader is as incompetent as mine is, they would find it troubling to understand the pull requests.

So what do you do in these scenarios? Implement Coding standards !!! They take away the artistic vision of the devs and tries to force them to follow rules like sheep.

Also the company doesn't give two shits about the code standards cuz, as long as they have working code that makes them money, they wouldn't care how the code is written.

Thoughts ?

client: "I cannot access the app"
me: "How? Can't install app? Can't login? Any error messages?"
client: Sends picture, one of the screens shows error

I really don't understand some users. How does one connect the dots between "cannot access" and "screen error".

Microsoft, please stop the incomprehensible work vs. school account stuff and if you want to mail me a login code, then please actually do send an email. What's wrong with Microsoft Teams and office always giving its users headaches already when trying to log in?

A customer sent me a "FindTime" link, something like Calendso / Calendly, but "powered" by Microsoft Office. Seems that their power is off again, like ever so often. Microsoft: "can't access your account: You can't sign in here with a personal account. Use your work or school account instead."

Okay, go to bing, and search your error message. Try to use bing page to log in to my account: Microsoft: "We emailed a code." (No you didn't. At least I never received anything. And, yes, I did check my spam folder!) Microsoft: "Other ways to sign in: use Microsoft Authenticator".

me: "dear customer, please feel free to pick any time and date that matches your preference, as the FindTime link has been impossible to use".

How can Microsoft make me feel so dumb again, after more than 20 years as a developer? Have they ever heard about usability?

My first rant but wanted to get it out!

New job - simple enough I think - it's a website with a login and profile that serves videos and shows your progression and asks you questions when you finish one.

Wrong - Kubernates microservice madness - functions and cosmos instances galore!

There is a full aspnetcore stack microservice with a restful API that stores..... drum roll please - a person's gender against a profile id....

Todays Architects are stupid fools.

Finally, I just received an OTP message that said it will be expired in 10 minutes.

Funny part is that i was trying to login 2 hours ago at thier(new client) platform to review.

And they said it is fully functional and you will have to fix some minor issues only.

I am thinking this way( it is so secure that you received otp only after it is expired).😅

Wtf kind of website is this? Baby/child media sharing on a clandestine website with no other context. Follow the link and taken to login page with zero context whatsoever.

When I found out that the server I use weirdly implements SSH login.
For some very odd reason (probably a historical one,) you have to access the web-app console and press a button TO GRANT SSH ACCESS TO THE F*<KING IP ADDRESS FROM WHICH I PRESSED THE BUTTON. The server blocks the wrong IP addresses outright. And only one active allowed IP at a time. This totally obliterates my plan to perform CD on this server. Why can't I just register public keys?
Then I learned several months later that they introduced a new server plan that *does* support the public-key registration. :facepalm:
I'm divided on whether to change my plan in exchange for a rather significant increase in the monthly cost.

We should find a way to replace passwords: any password manager which I tried is inaccurate in identifying login forms and is too hard to use for non technical people older than 40 and convince people to not use some stupid name + birth year combination as their passwords is a frustrating uphill battle.

Interview question i had:

- how does jwt work under the hood, where is it stored, what 3 parts is it made of, who creates jwt, how does the server know what information the jwt token has (how can it say oh you're Joe you can login now)

- what is the difference between observable and promise in typescript, how does observable work, what is a stream, what is the difference between fetching data through an observable and fetching data with promise and when should we use one over the other, what does .next() funcrion do in observable under the hood

Answer me these questions without googling

Getting the angular interceptor working the way I want has proven to be a pain for me. I try to update an auth token, which returns a promise that has to be transformed to an observable again. based on that, redirect to a login page, in case of 401. But nothing works! Either infinite page reload because of the login() promise function of the auth provider or no reaction at all after a router redirect. 😤

Somebody: (whinwy) we need something to log into nonprivileged technical accounts without our rootssh proxy. We want this pammodule pam_X.so
me: this stuff is old (-2013) and i can't find any source for it. How about using SSSD with libsss_sudo? Its an modern solution which would allow this with an advantage of using the existing infrastructure.
somebody: NO I WANT THIS MODULE.
me: ok i have it packaged under this name. Could you please test it by manipulating the pam config?
Somebody: WHAT WHY DO I NEED TO MANIPULATE THE PAMCONFIG?
me: because another package on our servers already manipulates the config and i don't want to create trouble by manipulate it.
Somebody: why are we discussing this. I said clearly what we need and we need it NOW.

we have an package that changes the pam config to our needs, we are starting to roll out the config via ansible, but we still use configuration packages on many servers
For authentication as root we use cyberark for logging the ssh sessions.
The older solution allowed additionally the login into non-rootaccounts, but it is shut down in the next few weeks after over half an year of both systems active and over half an year with the information that the login into non-privileged accounts will be no more.

Postman freaking sucks now. It's bloated and can't easily do what's it's supposed to do without hassle. You have to login first, then it will inexplicably lose all your previous API requests.
I guess the company has forgotten who their base customers are.

Security experts have discovered hundreds of fake websites which are being used to spread dangerous malware for Android and Windows devices. A "vast" network of over 200 internet pages, which impersonate 27 brands such as household names like TikTok, PayPal and Snapchat, are being used to spread a vicious bug which can empty out bank accounts. These bogus websites feature the notorious ERMAC banking trojan which is capable of stealing sensitive login details for 467 online banking and cryptocurrency apps.

Can't believe I'm about to say this, but:

Systemd-container is a rather cool SysD extension.

It allows me (Root on most servers) to switch to a customer account in a completely new session, setting all the .profile and .bashrc stuff up, so I can do stuff like control their rootless docker, and no longer have to add my SSH key to their authorized_keys file then re-login under their user.

Nice.

Anyone else who finds AWS login captcha hard?

> * npm login *
> puts everything right, uses token because of OTP
> npm login fails: incorrect user or password

you know what, fuck you

Hello! Could anyone please explain how can I limit the number of entries to the website with one login? It will be Joomla-based. I want to get a unique device id apart from the platform. What should I choose - php, javascript or anything else? Can anyone tell?
Thank you.

hey, so i have recently started learning about node js and express based backend development.

can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?

like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :

- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc

- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (

- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc

followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc

----

these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.

so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .

apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.

Why does DevRant not have "Login with Google/Facebook" functionality yet ??

Okay...How the heck do I get this Twitter API? I wanted this API for a project that required elevated access. submitted the application and got rejected.
Then I changed my use case and only needed simple Access to implement Login with Twitter. used my university email, and was rejected again.
Do they even give this API to anyone?

Can you recommend me some simple php+mysql based backend framework in order to build a simple rest api (with login, signup, scope data) ?

Microsoft Teams login says password is incorrect then and for a captcha

I type it again but fails...

I'm like wtf... Could it be the captcha...

Which I entered in all lowercase

It doesn't say the captcha is case sensitive though..

Next few times it gives me captchas with k... Teehee me like 5 tries to login

Are we trying to verify passwords/humanness or whether I can somehow tell the difference between K and k?

Despite already having a few years of professional experience dealing with Linux servers, I still, to this day, confuse, which environment file gets sourced and when...

There's /etc/profile, /etc/bashrc, ~/.bash_profile, ~/.profile, ~/.bashrc

I think it's... Bashrc for interactive shells, profile for login shells.

But then I have examples like "ssh user@server 'echo $var'" that... Don't source any of the files!

You can enable user environment files for SSH that get sourced whenever a user logs on through SSH (~/.ssh/environment / environment specified for a key in ~/.ssh/authorized_keys)

Is there some sort of master environment file that gets sourced *every* time, no matter what kind of shell starts?

How can I implement phone number login correctly with Django