• doctordevice@lemm.ee
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    My favorite is when systems will stealth truncate your password without telling you, but only when setting it. For some reason I often encounter this with systems truncating to 20 characters.

    • Set 24 character password: no error (secretly truncated to 20 characters).
    • Try to log in: credentials invalid (it checks the full 24 character one against the 20 character one).
    • Go to reset to what it should be, password can’t be the same (again, stealth truncating to 20 characters).