this post was submitted on 06 Jun 2026

-34 points (16.0% liked)

Ask Lemmy

39891 readers

822 users here now

A Fediverse community for open-ended, thought provoking questions

Rules: (interactive)

1) Be nice and; have fun

Doxxing, trolling, sealioning, racism, toxicity and dog-whistling are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them

2) All posts must end with a '?'

This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?

3) No spam

Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.

4) NSFW is okay, within reason

Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].

5) This is not a support community.

It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.

6) No US Politics.

Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online

Reminder: The terms of service apply here too.

Partnered Communities:

Logo design credit goes to: tubbadu

founded 3 years ago

MODERATORS

Bluetreefrog@lemmy.world

Asudox@lemmy.world

lemmy_bot@lemmy.world

beefbaby182@lemmy.world

ModeratorCan@lemmy.world

neidu3@sh.itjust.works

asudox@lemmy.asudox.dev

candyman337@lemmy.world

candyman337@sh.itjust.works

-34

why are some people perpetually stuck in the 2000s? (lemmy.wtf)

submitted 2 days ago* (last edited 1 day ago) by IAMgROOT@lemmy.wtf to c/asklemmy@lemmy.world

24 comments fedilink hide all child comments

"the internet is bad and emotions prevail there" maam do you have any idea how big the internet is? youre seeing a singular port and saying its the entire ocean

and dont get me on the cybersecurity and electronics ones

"use a strong password" whats that gonna do if the database gets pwned, sandra? or if you get pwned by a 0click 0day

"blue light is bad for you" LOL

all 25 comments

sorted by: hot top controversial new old

[–] tal@lemmy.today 24 points 2 days ago* (last edited 2 days ago) (1 children)

“use a strong password” whats that gonna do if the database gets pwned, sandra?

Strong passwords aren't intended to simply protect against brute-forcing a password via trying to authenticate repeatedly, but also to help protect against brute-force attempts to obtain passwords from a compromised password database using a dictionary attack, the scenario you're describing.

Typically

if an authentication system is storing its password database competently

the password shouldn't be stored in plain text. Instead, the password will be salted (to avoid rainbow table attacks) and then hashed via a cryptographic hash. The password database entry will look something like a tuple of (username, salt, salted hashed password). If the password is a strong one, it will be computationally-hard to obtain the plaintext password, even if someone has the salt and the salted, hashed password.

[–] IAMgROOT@lemmy.wtf -4 points 2 days ago (2 children)

I know using a strong password is important, but thats the bare minimum. this is more directed to the people who think strong passwords are the grail and will LITERALLY not do anything else, and call people paranoid schizos when they try to suggest security

[–] towerful@programming.dev 4 points 2 days ago (1 children)

That's fair.
What would you have them do? What are they missing?

[–] IAMgROOT@lemmy.wtf -2 points 2 days ago (1 children)

completely hardened browser
vpn (no corpo ones please)
secure services instead of corpo ones

[–] towerful@programming.dev 6 points 2 days ago

Yeh, for 99% of casual internet users... they just aren't going to care about that.
They don't want their email/Facebook/back account pwnd.
Like, at all.

It's like saying that 0.01% of traffic fatalities are because an airbag forces your head into the roof of the car. So you should wear a helmet when driving.

You aren't wrong.
Internet is a massive part of our daily lives. We should be able to fully trust the things we use to interact with it.
But convenience is going to win

[–] chunes@lemmy.world 1 points 2 days ago

Hey I'm like that. Honestly it's just annoying. Your service isn't a bank, it doesn't need to be locked down like one.

[–] otp@sh.itjust.works 18 points 2 days ago

Were you alive at all in the 00s?

[–] LH0ezVT@sh.itjust.works 3 points 1 day ago

Nice bait, dude. I hope you get something from the answers here.

[–] czl@lemmy.dbzer0.com 19 points 2 days ago (2 children)

For a guy with bad passwords and worse understanding of their storage, this post sure has a lot of emotions.

[–] everett@lemmy.ml 4 points 2 days ago (1 children)

I knew I recognized their username. You should check out this gem.

[–] czl@lemmy.dbzer0.com 2 points 1 day ago (1 children)

I have them tagged since they compared disliking big trucks to racism. They since deleted the post (wonder why)

[–] moondoggie@lemmy.world 1 points 20 hours ago

I tagged them back when they had the diatribe about being taught wisdom

[–] localghost@lemmy.today 8 points 2 days ago

"use a strong password" whats that gonna do if the database gets pwned, sandra? or if you get pwned by a 0click 0day

Is that the metric you're using for what to do? If it can't stand up to a 0click 0day you don't do it? Might as well not set up an account or use any services then.

Like most things, it's defense in depth. Use a strong password to make it harder to crack. Don't use the same password on more than one site so if they do crack it your blast radius is still small (this also applies to the database getting popped.)

Use MFA so even if they do get your credentials there's another barrier. Use an app based one like Aegis and avoid SMS and email if you can (though these can be better than nothing.)

Your goal should be to not be the low hanging fruit, not necessarily to be impenetrable especially when you don't control every piece of the tech stack. A strong password is just one part of that process.

[–] akunohana@piefed.blahaj.zone 7 points 2 days ago* (last edited 2 days ago) (2 children)

“use a strong password” whats that gonna do if the database gets pwned, sandra?

What database? And how is it pwned? And less importantly, who the hell is Sandra 😂

If you have chosen a, for lack of a better term, password database provider that stores passwords in plain text, which by the way is the only scenario in which pwning such a database would be viable, then that's on you. Otherwise, trying pwn a database that stores passwords in hashed formats following a secure hashing algorithm is not viable unless you are a nation state level actor with an unlimited amount of 5090s. Even then, if such an actor targets you, you are not like to have subscribes to an online database anyway.

The same applies for the scenario where you store your passwords locally: are they in plain text? Then thank the attacker for teaching you a lesson.* If they are hashed - or even better, since they are saved on your system, encrypted - then good luck brute forcing them.

*I do not condone this behavior

Edit: I miss the 2000's because connecting with people face to face was a thing. Because of my mental illness, I'm not capable of dating online. Our cultural (d)evolution has taken that from me. Also, Pokémon was still good instead of brain dead children's slop.

[–] IAMgROOT@lemmy.wtf -2 points 2 days ago (1 children)

the "brain dead childrens slop" is quite literally a few children that are getting brainrotted, the kids are fine

and im really sorry you have to go through that

[–] akunohana@piefed.blahaj.zone 3 points 2 days ago

It's only fair to be specific: in the earlier games, you had to be strategic. If you taught a TM, you used it up. If you taught an HM, it couldn't be unlearned. And while the backend of the leveling and stats system was broken, at least there weren't any obvious methods to "cheat" that weren't straight out bugs. I remember the first time I played Omega Ruby and I started to discover all this. And when I realized there was an island on which I could simply hold the joystick in one place to endlessly walk/bicycle and hatch eggs, I just quit Pokémon and never looked back. Occasionally, I do pick up my Fire Red and Soul Silver, the two last great games, if you ask me, but that's all.

[–] IAMgROOT@lemmy.wtf -1 points 2 days ago (1 children)

everything will eventually get pwned, its just a matter of time. and there is always human error. oops, dave gave root access to his system to claude because he didnt wanna have to wait 2 more minutes to stuff his face with donuts in the break room. we social engineered the website chatbot into allowing us to gain access of accounts that arent ours, with a proxy and a few nice words.

[–] Onomatopoeia@lemmy.cafe 2 points 2 days ago

But someone getting a well-encrypted database is going to have a helluva time decrypting it.

Which is why we say use good encryption.

[–] slazer2au@lemmy.world 6 points 2 days ago

Because Pokemon was king, Social Media was MySpace, crazy frog ringtones were everywhere and 444 55566688833 99966688 meant something.

[–] HubertManne@piefed.social 2 points 2 days ago

most things were sucking in the aughts but tech was still decent. that pretty much ended in the teens. you should use a strong password. Your like don't lock your door because how is that going to help you when someone breaks a window.

[–] radiofreebc@lemmy.world 2 points 2 days ago

The early 2000s sucked. Bush, 9/11, Iraq, dj's taking over for live music. The only people nostalgic for those times weren't around before them.