memes

16489 readers

4164 users here now

Community rules

1. Be civil

No trolling, bigotry or other insulting / annoying behaviour

2. No politics

This is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent reposts

Check for reposts when posting a meme, you can only repost after 1 month

4. No bots

No bots without the express approval of the mods or the admins

5. No Spam/Ads

No advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

!tenforward@lemmy.world : Star Trek memes, chat and shitposts
!lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
!linuxmemes@lemmy.world : Linux themed memes
!comicstrips@lemmy.world : for those who love comic stories.

founded 2 years ago

MODERATORS

Tenthrow@lemmy.world

The_Picard_Maneuver@lemmy.world

The_Picard_Maneuver@startrek.website

622

Has to be 16 characters, #s, Cap and lower case. (lemmy.world)

submitted 1 week ago by salty_chief@lemmy.world to c/memes@lemmy.world

141 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Dave@lemmy.nz 4 points 1 week ago (1 children)

I got a "we've had customers accounts breached, please update your password" email the other day.

They specifically called out you can't use # in your password, and it's been bugging me why that is. What part if their system let's in other special characters but # is off limits?

[–] jaybone@lemmy.zip 3 points 1 week ago* (last edited 1 week ago) (1 children)

Now that I’m thinking about this it’s bugging me too. If they are passing it to shell scripts maybe it’s interpreted as a comment? Some databases like Oracle use # to separate schema prefix from schema user and table name in a query? But none of those would really make sense here 🤷

EDIT they are storing it in plain text, with other values using # as a delimiter? lol

[–] Dave@lemmy.nz 1 points 1 week ago (1 children)

I considered database stuff, but my password shouldn't go anywhere near the database!

If they are storing it as plain text in this day and age, then there is no hope for the human race 🤦

[–] ViatorOmnium@piefed.social 4 points 1 week ago (1 children)

"Shouldn't" and "won't" are too very different words. There are plenty of shitty programmers out there, and they tend to band together. And now you have vibe coders on top.

[–] Dave@lemmy.nz 2 points 1 week ago (1 children)

Based on the place (a supermarket rewards card), I'm assuming legacy code. But you're right, the most likely answer is it's shitty legacy code.

[–] trxxruraxvr@lemmy.world 2 points 1 week ago

Doesn't even have to be legacy, some programmers are just completely unaware of the concept of security. I've seen services where the forgot password functionality would send your existing password back to you in plaintext.