this post was submitted on 13 Mar 2026
995 points (98.6% liked)

Programmer Humor

30340 readers
2925 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
995
I love password based login (lemmy.world)
submitted 20 hours ago by bdjegifjdvw@lemmy.world to c/programmer_humor@programming.dev
127 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] LiveLM@lemmy.zip 112 points 18 hours ago* (last edited 18 hours ago) (6 children)

The best I've seen was yesterday where a website had the log-in button greyed out after the password manager filled my creds in.
So I had to manually click both the email and password field. Just click them. Then it enabled the log-in button.
So someone took their time to write a piece of JS that said "If the user hasn't focused both fields at least once, no login". Literally why? Extra code that does nothing useful.

I was hoping passkeys would be the solution to this madness, but it seems to me the entire spec gives too much power to the OS Makers and too little to the users because "mUh AtTtEsTatIoN" so now I don't know anymore

[–] JensSpahnpasta@feddit.org 1 points 4 hours ago

It's not perfect but will break many bot logins and people trying different logins from data leaks.

[–] Passerby6497@lemmy.world 4 points 10 hours ago

Oh, it gets worse. I've had some where I have to enter a character into the boxes before it would figure its shit out...

[–] Gumbyyy@lemmy.world 52 points 17 hours ago (3 children)

I've definitely run into that. Even more frustrating is when there was one particular site that forced me to actually delete the last character of my password and then retype it. Just focusing in the field wasn't enough, I had to actually send it a keystroke. And Ctrl-V to paste the password in manually didn't count. I suppose typing a random character at the end and then deleting it would have worked too.

[–] towerful@programming.dev 26 points 16 hours ago

When ctrl+v is disabled to "prevent brute force bots" or something ridiculous

[–] Jessica@discuss.tchncs.de 9 points 17 hours ago

I used to have this problem with the payroll website ADP! So cursed

[–] Sir_Kevin@lemmy.dbzer0.com 3 points 13 hours ago

I've seen this a stupid number of times. I wish I could remember which websites..

[–] spizzat2@lemmy.zip 23 points 16 hours ago

My utitlies website doesn't let you login if the password field is autofilled by the browser. Whatever Angular-based form validation they are using doesn't play nice with Firefox's saved password feature. You have to manually type something in the password field, so I always add and remove a space from the password.

I sent an email to their support, hoping they would fix it, but they just responded saying that they can't reproduce it.

Well, I can reproduce it. I even told you how. That sounds like a skill issue.

[–] ricecake@sh.itjust.works 1 points 10 hours ago

They inevitably didn't write it for that reason. They wrote it to say the field is invalid until the user changes it to be valid after someone landed on the page holding the enter key down and instantly locked themselves out after submitting the form 50 times in 3 seconds.
Unless you know otherwise, it's easy to think that "form interaction" is the same as "form changed", and one of those is much easier to check.

I'm unsure what you mean about passkeys. I don't think I've heard anyone mention significant concessions to os makers and I'm pretty tuned in on the topic.

[–] TheSeveralJourneysOfReemus@lemmy.world 3 points 15 hours ago

the user must be a human, so i imagine that being the rationale.