Passwords - eviltoast

We’ve all been there.

  • pfannkuchen_gesicht@lemmy.one
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Funniest thing was when I registered on a website which parsed the \0 sequence and hence truncated the password in the background unbeknownst to me. This way you could circumvent the minimum length and creare a one character password.

    • magic_lobster_party@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Once I registered on a website. I used an auto generated password. Next time I tried to log in to the website I was confused that my stored password didn’t work. Requested to change the password, but I used the stored password again. To my surprise, it said the password must be different from the current one.

      After a bit back and forth I finally figured it out. Apparently the site had a max length on the password. Any password longer than that is truncated. This truncation wasn’t applied in the login form. Only when creating a password.