Shit sometimes gives me this while using a password manager! The saved password is correct. Even the change password thing says it should be correct. Still tells me it's wrong trying to use it.

[–] skulblaka@sh.itjust.works 64 points 1 week ago (6 children)

That just means they're forcing everyone to change their passwords but they don't want to come out and tell you about it.

If you're lucky, some overzealous sysadmin is just trying to enforce regular password updates on his users, and makes them expire every once in a while.

More likely, there was a breach of some sort that they want to keep on the hush.

[–] MicrowavedTea@infosec.pub 34 points 1 week ago (4 children)

It's also possible there's a hidden max password size somewhere, like some fields only counting the first x characters of the password but it's inconsistent across different forms.

[–] wreckedcarzz@lemmy.world 11 points 1 week ago* (last edited 1 week ago) (1 children)

USAA is guilty of this shit. Let's you set a huge password. Truncates it. Doesn't tell you about it. Error when logging in.

I want to beat the motherfucker behind this strategy.

E: Kagi too. I bitched out the support and I got a 'meh, it should have told you' response. Fix your shit.

[–] MicrowavedTea@infosec.pub 6 points 1 week ago (1 children)

Not sure what is worse, not telling you and giving an error or not telling you and letting you log in (ie truncating the password both times, letting you think your password is longer than it is)

[–] JcbAzPx@lemmy.world 3 points 1 week ago

The first is more annoying, the second is scummier.

load more comments (2 replies)

load more comments (3 replies)

load more comments (5 replies)