How on earth can you both not accept the password I copied from my password safe and tell me that I cannot use the same pasaword again?

  • villainy@lemmy.world
    link
    fedilink
    arrow-up
    11
    ·
    2 days ago

    I had this happen once where input validation on login and password change were different. I was allowed to set my password to a string containing a special character not accepted by the login form. Top men.

      • dual_sport_dork 🐧🗡️@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        17 hours ago

        Note that for others reading this, what normal people think of as too long probably doesn’t signify. Some asshat somewhere may have decided greater than something like 8 characters is “too long.” Without telling you. Said asshat may indeed even be on the database side, and concluded somehow that varchar(8) should be sufficient for storing passwords. Right???

        It is not only easy for flagrantly badly designed web systems to display this behavior, but also depressingly common. And more closely the page or system you’re using is related to your local government, the probability of it being hilariously incompetently designed moves ever closer to becoming 1.

        • JustAnotherKay@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          17 hours ago

          Ya know what’s actually even more absurd? The password was truncated on creation. The webpage allowed me to type 36 characters into the field, then only saved the first 30 of them.

          I verified the full 36 character password before creating the account, and was immediately met with “wrong password.” Noticed the 30 character limit when looking at the password change form, and tried cutting the last 6 characters off my existing password, which unfortunately was successful.