• 0 Posts
  • 36 Comments
Joined 1 year ago
Cake day: June 12th, 2023

  • While on the topic, this isn’t how passwords work in systems.

    Passwords are stored as one way hashes. So it’s cryptoed only in one direction, it’s lossy, and can’t be recovered back to the original password.

    When you log on, your cleartext PW is hashed in ephemeral memory/storage and then the cleartext password is thrown away.

    That hash is compared to the hash in the DB. If the hash matches, then you have access. If it doesn’t, then your PW is incorrect.

    Oh my sweet Summer Child. This is definitely how it’s supposed to work, but there are plenty of services that just don’t know what the fuck they’re doing.

    Have you ever been on a site that has a stupid-low character limit for a password? There’s literally no reason to do that, all the hashes are going to end up the same size in the DB anyway regardless of the original string length. Even bcrypt’s max secret character limit is 70-something characters.

    Ever change a password and have it not work on the next login because they’re silently truncating it after a certain character limit? Ever get an email with an actual password in it?

    The only reason you would do things like this is if you’re storing/processing passwords in plaintext and not hashing it client-side first.

    I can think of 3 offenders of this off the top of my head. It’s a lot more common than you’d think.





  • tool@lemmy.world to Programmer Humor@lemmy.ml: C++ Moment · 8 points · 4 months ago

    On Error Resume Next: never before have more terrible words been spoken.

    Every time I’m reading a PowerShell script at work and see -ErrorAction SilentlyContinue I want to scream into a pillow and forcefully revert their commit.

    I’ve actually done it a few times, but I want to do it every time.


  • tool@lemmy.world to 196@lemmy.blahaj.zone: Games rule · 2 points · 4 months ago

    It is an absolutely fantastic (and bizarre) game with an addictive game loop. It reminds me of Stardew Valley in that you can just play it and chill, it’s one of those kinds of games; you won’t be super challenged while playing it, but that’s OK, it’s not that type of game. It has a basic storyline, good humor, and the mechanics of the game also expand quite a bit as compared to the beginning of it. I’ve told multiple people “Don’t look up reviews or videos, just buy this blind/sight-unseen and play it.” and there hasn’t been a single person that hasn’t enjoyed the shit out of it. I’d buy it again for twice the asking price. It’s just fun.

    So yeah, 10000% recommend.




  • They really don’t, though. Inclusion/exclusion operators work most of the time, but it’ll still return results with explicitly-excluded keywords. It also fucks up results by returning entries with similar words to your query, even when you double-quote a part of the search term. Advanced queries that use booleans and logical AND/OR don’t work at all anymore, that functionality has been completely removed. It returns what it thinks you want, not what you actually want, even when explicitly crafting a query to be as specific as possible.

    I use Kagi for search now and it’s 1000x better, especially when researching technical issues; it’s like when Google actually respected your search terms and query as a whole.




  • BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

    Eh, it’s a little more nuanced than that, there’re more standards for MFA code generation than just TOTP.

    And even within the TOTP standard, there are options to adjust the code generation (timing, hash algorithm, # of characters in the generated code, etc.) that not all clients are going to support or will be user-configurable. Blizzard’s Battle.net MFA is a good example of that.

    If the code is just your basic 6-digit HMAC/SHA1 30-second code, yeah, odds are almost 100% that your client of choice will support it, but anything other than that I wouldn’t automatically assume that it’s going to work.





  • tool@lemmy.world to Memes@lemmy.ml: I miss forums · 2 up / 2 down · 11 months ago

    Now that societal failsafe is gone. Now people just aren’t challenged for holding the wrong opinion.

    I agree with everything you said except for this. Opinions are never wrong since they’re subjective, they’re just fucking stupid.