undefined | Better HN

0 pointszwirbl3y ago0 comments

When using 1Password this bit me once when I was signing up to my countries online finance and tax management. I managed to sign up and store the wrong password, without being able to look up the previously generated one. For extra "learned my lessons annoyance" I needed to get a new signup-code via snail mail to change the password.

0 comments

acdha3y ago

That's impressive for 1Password with the history feature but I wouldn't put anything past financial systems. One of our utilities broke their bill payment system in some manner that I was able to save my new password, have it be rejected on login, and then when I followed the password reset flow and tried to use that password it was rejected because it was the same as the current password.

ThePowerOfFuet3y ago

Password truncated at [login|reset] but not vice versa.

acdha3y ago

I’ve definitely seen that kind of before (app had max length in the HTML different than the max enforced by the validator). It’s amazing how much bad UX is tolerated in the name of security.

j / k navigate · click thread line to collapse

0 pointszwirbl3y ago0 comments

0 comments

acdha3y ago

ThePowerOfFuet3y ago

Password truncated at [login|reset] but not vice versa.

acdha3y ago

I’ve definitely seen that kind of before (app had max length in the HTML different than the max enforced by the validator). It’s amazing how much bad UX is tolerated in the name of security.

j / k navigate · click thread line to collapse