Nefarious
Image description: The text contains the phrase "Hey! What's going on?" followed by the phrase "Sick bastard!". Below that is some code that appears to be related to password verification.
(Originally published on mastodon.social: 2024-02-18)
I know I've been toiling in the Sysadmin Mines for too long in my life because I read the code and thought "Heh, that's a neat workaround" š
Itās not a bad idea. From some points of view.
The dark side is the pathway to many abilities some whould callā¦unnatural.
This man found the code for USB plugs
I have the feeling Iāve been tricked by this quite a few times.
Most sites randomize this slightly to make you doubt yourself. To prevent brute forces from getting lucky, itās more likely to happen the more tries you do per ip address.
most sites
Iād be interested to see some data on that. Using a password manager, I almost never type my password, and Iāve definitely never had an invalid password error across the like 180 sites in my password manager when itās being autofilled correctly
The code basically says that if you donāt input the password correctly at first you donāt get to log in for the whole session.Edit: nvm it actually checks for both being true without negating them. So it always forces the user to input the same password twice
Which is kind of genius.
Whereās the Sleep(5000) in the middle there?
Image description: A three pane comic depicting an office setting. In the first pane a men with bags under his eyes and a cup of coffee asks āHey! Whatās going on?ā while two men and a woman stand exasperated behind a men who looks at the computer screen while smiling. In the second pane the coffee drinker spits his coffee and drops the mug while in the standing trio, the woman screams āSick bastardā towards the person on the computer, one man covers his mouth while his hair turns gray and the second man rips his own hair. The men on the computer does a thumbs up, still smiling. The third pane shows the computer screen which contains a ābrute force attack protectionā programming code. The code reads "If is password correct and is first login attempt, then error: wrong login or password "
undefined
*DELETED*. *BY*. *USER*. *PERMANENTLY*
If my password, which I copy-pasted from my password manager, is rejected twice, then I assume I must have deleted my account.
That sounds like the logic in a Douglas Adams computer game.
genuinely evil. I like it.
i swear my phone has this "feature"
Hey where did you find my code? But I even wrote a comment spam protector like this with first ten tries and random.
if (! isPasswordCorrect) && isFirstLoginAttempt: letThemIn()? :-)
sshhh now youāve told them š¤
monster!