What is your favourite password rule?

  • Ephera@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    3 months ago

    My ‘favorite’ password rules are incorrect rules. Recently signed up to a service, which looked like it hasn’t been updated since the 90s. They sent me my password via letter, but hey, I was allowed to change it digitally.

    So, I did. I set it to a reasonably long password (probably something like 22 characters), with no problems.

    Then I went to login and it refused my login. I copied my password out of my password manager, for both setting it and logging in, so there was no way that it was wrong. I quadruple checked the login name, but no luck.

    Eventually, I manually typed the password from my password manager. Then I saw it, their password field stopped accepting inputs after about 20 characters.
    Presumably, I was able to set my long password on the registration page, but the login page did not accept this long of a password. Fucking ace.
    I had to order another password letter.

    • bleistift2@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      As a website developer, it’s easy to just use the ‘maxlength’ attribute on fields you don’t want to exceed a certain length (for valid reasons or not). But then exactly this happens: A user pastes something in there, doesn’t notice that their input got truncated, and something, somewhere breaks.

      ‘maxlength’ is terrible user experience.

  • Dem Bosain@midwest.social
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    I just had to make a password for a hotel.

    8 to 20 characters Uppercase Lowercase Digits OR special characters.

    The capitalized OR is important. You can have either numbers in the password, or special characters, BUT NOT BOTH.

    Took me 8 tries.

    • First one was too long.
    • Second and third used both numbers and characters, but I thought the characters were TOO special.
    • 4 through 6 used both numbers and special characters.
    • Seventh password used just letters and numbers, and it was accepted.
    • Eighth try I used just letters and keyboard characters, and that was accepted too.
  • SkaveRat@discuss.tchncs.de
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    3 months ago

    Requirement: Needs special characters

    Not accepted for some reason: using ọ̵̑h̸̞̉ ̴̰͒g̴͛ͅõ̸̦ḓ̵͠ ̸̳͌w̵̡̛h̴̦͘ŷ̵̫

    • SLfgb@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      3 months ago

      The elements in your password must have atomic numbers that add up to 200.

      Seriously?

      Edit: I think I lost when my pw got burnt up. Is there more?

      Edit2: 3rd try (i think) and I quelled the fire this time. Paul hatched. But: 😒

      spoiler