undefined | Better HN

0 pointsnwsm5y ago0 comments

Eventually we'll add an analytics plugin and need the banner. But at the time it was one of those "every site has one" decisions from non-technical folks. Similar frustration with arbitrary password requirements on the same site.

0 comments

12 comments · 6 top-level

DarkWiiPlayer5y ago· 3 in thread

> password requirements

Tell your higher-ups I hate them. I decide what my password is and if its secure enough considering how much I value a given service.

airstrike5y ago

Sometimes I really want my password to be 123123!

reaperducer5y ago

Sometimes I really want my password to be 123123!

Yes, I do.

For example, I have a laptop that is airgapped from the internet. But macOS still requires a password to differentiate between users.

Fortunately, Apple permits four-digit numbers to be used for logins, and doesn't impose its own views on the situation.

DarkWiiPlayer5y ago

Linux mint tells you* your password isn't strong enough, but just lets you click "next" anyway. Best approach if you ask me.

* During user creation at least

alangibson5y ago· 3 in thread

My "dysfunctional product design process" alarm is going off.

The idea of implementing an annoying popup to support something you _might_ do in the future for any reason is madness.

And do they not realize that user credentials are a huge liability? Why would you want to support anything related to user identity if you don't need to.

reaperducer5y ago

My "dysfunctional product design process" alarm is going off.

Very few companies are large enough to have a "product design process."

In situations like this, it's usually some paper-pusher saw it on his favorite web site and thinks it should be on the company's, too.

Middle managers gotta middle manage.

kubanczyk5y ago

> Middle managers gotta middle manage

Hilarious, stealing it!

Originally at https://news.ycombinator.com/item?id=23797037

mewpmewp25y ago

I don't think it is irrational ot madness at all. Imagine having to switch developers and then you ask for analytics from your new developer. Very easy to happen that they could forget about the cookie banner.

I would go as far as to say it is wise to deal with it once and for all.

Especially since implementing the banner takes such short amount of time. Worrying about it will waste many times more brain cycles and once again there is always a chance someone forgets about it in the future and legal worries will be infinitely more costly.

Alupis5y ago

Probably an unpopular opinion - but if you do not have a physical presence in the EU, and you're not the size of some Unicorn corp, you can completely ignore these silly cookie banners for now and instead focus on things that actually matter for your startup.

Angostura5y ago

"We've used advanced technology design to ensure we are compliant without the need for the ugly banners other sites are forced to use"

dvtrn5y ago

What are we as technical operators even good for if our counsel, judgment and recommendations (things I thought we were even hired for as valuable key contribution points) are frequently overridden by non-technical people who in the best cases don’t understand the evidence shown, in the worst don’t even care to?

wdb5y ago

Well, if you use Cloud Armour and you try to change the password it apparently doesn't like the password to start with $ and then this blocks the whole request.

Two options to solve disable the specific rule or change the password requirements. Sometimes the latter is the easiest in some companies.

j / k navigate · click thread line to collapse

0 comments

12 comments · 6 top-level

DarkWiiPlayer5y ago· 3 in thread

> password requirements

Tell your higher-ups I hate them. I decide what my password is and if its secure enough considering how much I value a given service.

airstrike5y ago

Sometimes I really want my password to be 123123!

reaperducer5y ago

Sometimes I really want my password to be 123123!

Yes, I do.

For example, I have a laptop that is airgapped from the internet. But macOS still requires a password to differentiate between users.

Fortunately, Apple permits four-digit numbers to be used for logins, and doesn't impose its own views on the situation.

DarkWiiPlayer5y ago

Linux mint tells you* your password isn't strong enough, but just lets you click "next" anyway. Best approach if you ask me.

* During user creation at least

alangibson5y ago· 3 in thread

My "dysfunctional product design process" alarm is going off.

The idea of implementing an annoying popup to support something you _might_ do in the future for any reason is madness.

And do they not realize that user credentials are a huge liability? Why would you want to support anything related to user identity if you don't need to.

reaperducer5y ago

My "dysfunctional product design process" alarm is going off.

Very few companies are large enough to have a "product design process."

In situations like this, it's usually some paper-pusher saw it on his favorite web site and thinks it should be on the company's, too.

Middle managers gotta middle manage.

kubanczyk5y ago

> Middle managers gotta middle manage

Hilarious, stealing it!

Originally at https://news.ycombinator.com/item?id=23797037

mewpmewp25y ago

I would go as far as to say it is wise to deal with it once and for all.

Alupis5y ago

Angostura5y ago

"We've used advanced technology design to ensure we are compliant without the need for the ugly banners other sites are forced to use"

dvtrn5y ago

wdb5y ago

Well, if you use Cloud Armour and you try to change the password it apparently doesn't like the password to start with $ and then this blocks the whole request.

Two options to solve disable the specific rule or change the password requirements. Sometimes the latter is the easiest in some companies.

j / k navigate · click thread line to collapse