this post was submitted on 18 Feb 2024
349 points (100.0% liked)

tails: A Place for Mastodon Posts

344 readers
1 users here now

A virtual community

Posts from Mastodon users, featured natively in a community, so you can view them without the need for them to be re-hosted or screenshoted, and reply to the original author and Mastodon respondents if you wish.

Has so far included content from Warsandpeas, Mr. Lovenstein, SMBC, Loading Artist, Low Quality Facts, nixCraft, ElleGray, and other interesting or provocative stuff I've random'd across on Mastodon.


Supported:
Comments & Upvotes
Unsupported:
Posts, Downvotes, & PD's Automod

founded 9 months ago
MODERATORS
 

Image description: The text contains the phrase "Hey! What's going on?" followed by the phrase "Sick bastard!". Below that is some code that appears to be related to password verification.


(Originally published on mastodon.social: 2024-02-18)

top 20 comments
sorted by: hot top controversial new old
[–] [email protected] 42 points 8 months ago* (last edited 8 months ago) (1 children)

I know I've been toiling in the Sysadmin Mines for too long in my life because I read the code and thought "Heh, that's a neat workaround" 😅

[–] [email protected] 21 points 8 months ago (1 children)

It’s not a bad idea. From some points of view.

[–] [email protected] 14 points 8 months ago

The dark side is the pathway to many abilities some whould call…unnatural.

[–] [email protected] 39 points 8 months ago

This man found the code for USB plugs

[–] [email protected] 31 points 8 months ago (1 children)

I have the feeling I’ve been tricked by this quite a few times.

[–] [email protected] 6 points 8 months ago (1 children)

Most sites randomize this slightly to make you doubt yourself. To prevent brute forces from getting lucky, it’s more likely to happen the more tries you do per ip address.

[–] [email protected] 28 points 8 months ago

most sites

I’d be interested to see some data on that. Using a password manager, I almost never type my password, and I’ve definitely never had an invalid password error across the like 180 sites in my password manager when it’s being autofilled correctly

[–] [email protected] 14 points 8 months ago (1 children)

The code basically says that if you don’t input the password correctly at first you don’t get to log in for the whole session.Edit: nvm it actually checks for both being true without negating them. So it always forces the user to input the same password twice

[–] [email protected] 3 points 8 months ago

Which is kind of genius.

[–] [email protected] 9 points 8 months ago

Image description: A three pane comic depicting an office setting. In the first pane a men with bags under his eyes and a cup of coffee asks “Hey! What’s going on?” while two men and a woman stand exasperated behind a men who looks at the computer screen while smiling. In the second pane the coffee drinker spits his coffee and drops the mug while in the standing trio, the woman screams “Sick bastard” towards the person on the computer, one man covers his mouth while his hair turns gray and the second man rips his own hair. The men on the computer does a thumbs up, still smiling. The third pane shows the computer screen which contains a “brute force attack protection” programming code. The code reads "If is password correct and is first login attempt, then error: wrong login or password "

[–] [email protected] 9 points 8 months ago* (last edited 8 months ago)

Where’s the Sleep(5000) in the middle there?

[–] [email protected] 8 points 8 months ago (2 children)
 *DELETED*.          *BY*.       *USER*.       *PERMANENTLY*
[–] [email protected] 9 points 8 months ago

If my password, which I copy-pasted from my password manager, is rejected twice, then I assume I must have deleted my account.

[–] [email protected] 3 points 8 months ago

That sounds like the logic in a Douglas Adams computer game.

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)

genuinely evil. I like it.

[–] [email protected] 4 points 8 months ago* (last edited 8 months ago)

i swear my phone has this "feature"

[–] [email protected] 3 points 8 months ago* (last edited 8 months ago)

Hey where did you find my code? But I even wrote a comment spam protector like this with first ten tries and random.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

if (! isPasswordCorrect) && isFirstLoginAttempt: letThemIn()? :-)

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

sshhh now you’ve told them 😤

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)