this post was submitted on 17 May 2025
758 points (95.9% liked)

Mildly Infuriating


In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)

Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.

[–] dQw4w9WgXcQ@lemm.ee 23 points 1 day ago (4 children)

For a system I worked on a few years ago I got the password requirement:

  • Only upper case letters A-Z, no letter or symbols.

  • Exactly 7 characters.

I was also recommended to make it a single word to make it memorable.

[–] Kissaki@feddit.org 1 points 15 hours ago

That sounds like a game. Guess the word[s].

[–] tauren@lemm.ee 26 points 1 day ago (3 children)

My favorite is when they don't have this check, but silently slice the string to meet the requirement, so that you can't log in with the original password the next time.

[–] thermal_shock@lemmy.world 18 points 1 day ago* (last edited 1 day ago) (1 children)

Wells Fargo used to do this. They cut my 16 character password to 8 and negated capitalization. Which is why I don't use them anymore.

[–] 4grams@awful.systems 55 points 1 day ago (8 children)

This shit pisses me off so bad. I had an identity theft a few years back, took ages to undo, and my credit score is still impacted by it. At the time I moved to a password manager and all my passwords are 31 characters of garbage. I’ve got several, highly sensitive accounts that my passwords don’t work for, in fact one a bank, until fairly recently, had repurposed a phone number field in the DB so passwords were limited to 10 characters numeric only (I managed to get one of their IT folks on the horn to explain why the password was so awful).

I cannot believe we live in 2025 and we still haven’t figured out passwords.

[–] DarkSirrush@lemmy.ca 26 points 1 day ago (9 children)

My bank forces a 6 digit PIN as a password.

Their 2fa is also email or text only.

At least we can set a unique username?

[–] tarsisurdi@lemmy.eco.br 141 points 1 day ago* (last edited 1 day ago) (11 children)

I once registered an account with a random ~25 characters long password (Keepass PM) for buying tickets on https://uhuu.com.br/

The website allowed me to create the account just fine, but once I verified my e-mail, I couldn't log into it due to there being a character limit ONLY IN THE LOGIN PASSWORD FIELD. Atrocious.

EDIT: btw, the character limit was 12

[–] Jaybird@lemmy.world 34 points 1 day ago (5 children)

How about creating a new account, letting bitwarden create a password, only for them to send me a clear text copy of that password in their confirmation email....

[–] mic_check_one_two@lemmy.dbzer0.com 4 points 22 hours ago* (last edited 22 hours ago)

That means the breach is imminent, but at least you won’t need to worry about other accounts when it happens. Just be sure you don’t give them any kind of PII or financial data to save. No, you can’t save my card data to make shopping easier, because you’re almost certainly going to have a data breach next month, and drag your heels about disclosing it, giving hackers plenty of time to commit a bunch of fraud using all of the cards on file.

[–] magic_lobster_party@fedia.io 71 points 1 day ago (4 children)

What’s more frustrating is when the password creation page is silently cutting off too long passwords and doesn’t inform you about it.

[–] foggy@lemmy.world 79 points 1 day ago (34 children)

Okay so I agree with you that a longer password is better but this in no way indicates clear text password storage.

[–] Zikeji@programming.dev 62 points 1 day ago (4 children)

Is the maximum 24 characters because their database column is a VARCHAR(24)? That's one of the first questions that I thought of. Sure, it doesn't guarantee plaintext, but it's an indicator that it may be stored plaintext, considering hashing doesn't care about length. Or at the very least whoever has had eyes on this code doesn't know shit about security, which makes me less confident in the product as a whole.

The only reason I can think of to have a maximum would be to save on bandwidth and CPU cycles, and even then 24 characters is ridiculously stingy when the difference would be negligible.

[–] x00z@lemmy.world 42 points 1 day ago (2 children)

bcrypt hashes only the first 72 bytes. 24 characters is the max amount of 4 byte UTF8 characters when using bcrypt. Which is stupid because UTF8 is variable, but still, it's a possible explanation.
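
Added example, not part of the thread or any site's code: a Python sketch of the 72-byte input limit mentioned above, showing UTF-8 byte counts for 24-character passwords, the collision that silent truncation produces, and two ways to handle it (explicit rejection, or pre-hashing with SHA-256). PBKDF2 over a 72-byte slice stands in for bcrypt here, and all function names, the salt and the sample passwords are constructed for illustration.

```python
import base64
import hashlib
import hmac

BCRYPT_MAX_BYTES = 72  # bcrypt input limit cited in the thread
SALT = b"constructed-salt"  # fixed only to keep the demo reproducible


def utf8_len(password: str) -> int:
    """Length in bytes, which is what a byte-limited hash actually sees."""
    return len(password.encode("utf-8"))


def truncating_kdf(password: str, salt: bytes = SALT) -> bytes:
    """Stand-in for a hash that reads only the first 72 bytes (not real bcrypt)."""
    data = password.encode("utf-8")[:BCRYPT_MAX_BYTES]
    return hashlib.pbkdf2_hmac("sha256", data, salt, 100_000)


def prehashed_kdf(password: str, salt: bytes = SALT) -> bytes:
    """Digest the whole password first so every byte affects the stored hash."""
    digest = hashlib.sha256(password.encode("utf-8")).digest()
    return truncating_kdf(base64.b64encode(digest).decode("ascii"), salt)


def register(password: str, salt: bytes = SALT) -> bytes:
    """Refuse over-long input explicitly instead of silently slicing it."""
    size = utf8_len(password)
    if size > BCRYPT_MAX_BYTES:
        raise ValueError(f"password is {size} bytes, limit is {BCRYPT_MAX_BYTES}")
    return truncating_kdf(password, salt)


def same_hash(kdf, first: str, second: str) -> bool:
    """True when two passwords are indistinguishable to the given KDF."""
    return hmac.compare_digest(kdf(first), kdf(second))


# Constructed passwords that differ only after byte 72.
LONG_A = "x" * 72 + "A"
LONG_B = "x" * 72 + "B"

if __name__ == "__main__":
    for label, ch in (("ASCII", "a"), ("3-byte", "\u20ac"), ("4-byte", "\U0001F511")):
        print(label, "x24 =", utf8_len(ch * 24), "bytes")
    print("truncating KDF collides:", same_hash(truncating_kdf, LONG_A, LONG_B))
    print("pre-hashed KDF collides:", same_hash(prehashed_kdf, LONG_A, LONG_B))
    print("stored size:", len(prehashed_kdf("a")), len(prehashed_kdf("a" * 500)))
```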

[–] TIN@feddit.uk 37 points 1 day ago (5 children)

My mum told me the other day she logged onto a new bank, gave it a 12 character password then couldn't get back in after. When she got through to their customer services they said that it was an 8 character password limit (!), but it just never said on the register screen.

[–] talentedkiwi@sh.itjust.works 21 points 1 day ago* (last edited 1 day ago) (1 children)

Yeah, I'd be doing that bank if there's any choice.

Edit: Leaving (my attention got taken away as I posted)

[–] ArcaneSlime@lemmy.dbzer0.com 28 points 1 day ago (3 children)

Either this is some new slang I'm not rizz enough to understand or one of us had a stroke.

He just wants to have sex with the bank.

[–] Crashumbc@lemmy.world -5 points 13 hours ago (3 children)

What's the point? No one is brute forcing a 12-15 password if the login system has ANY login attempt protection anyway.

This seems like one of the extreme overkill things...

[–] 4am@lemm.ee 23 points 1 day ago* (last edited 1 day ago) (3 children)

Don’t worry, pretty soon they will just block password managers from autofilling fields on their login page so that you HAVE to remember your password! Then you’ll be happy it can’t be that long, you can only fit so much on a post-it note on the side of your monitor

/s

EDIT: I think there should be a law against blocking password managers for filling in fields. Any brute force bots are going to submit HTTP requests directly anyway; no one is hitting the DOM to do that

[–] Buffalox@lemmy.world 37 points 1 day ago* (last edited 1 day ago) (9 children)

Your password MUST contain big and small letters, and contain at least 1 number character and 1 special character, it MUST be 8 characters long, and it MUST be typed on a German Cherry keyboard between 8-9 PM, using ONLY 1 finger while blindfolded and listening to ABBA music. BUT NO SPACES ALLOWED!!!
This is because of something called entropy we never even read about so we have zero understanding of it. Of course combined with lousy programming, so safety is all on you.

Making all these possibilities OPTIONAL would actually make for safer passwords (higher entropy), as would using multiple words separated by spaces. The only meaningful way to accept a password would be to test it against common bad passwords, and test the entropy to determine acceptable levels. There is no good reason a password couldn't be 10 words and at least 127 characters. There is no way that should stress a properly designed modern system.
