Comic Strips

23091 readers

2531 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author's website, for instance).
The comic must be a complete story.
If it is an external link, it must be to a specific story, not to the root of the site.
You may post comics from others or your own.
If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
The comic can be in any language, but if it's not in English, OP must include an English translation in the post's 'body' field (note: you don't need to select a specific language when posting a comic).
Politeness.
AI-generated comics aren't allowed.
Limit of two posts per person per day.
Bots aren't allowed.
Banned users will have their posts removed.
Adult content is not allowed. This community aims to be fun for people of all ages.

Web of links

!linuxmemes@lemmy.world: "I use Arch btw"
!memes@lemmy.world: memes (you don't say!)

founded 2 years ago

MODERATORS

lawrence@lemmy.world

598

Incorrect Password (media.piefed.world)

submitted 1 day ago by negativenull@piefed.world to c/comicstrips@lemmy.world

61 comments fedilink hide all child comments

source

you are viewing a single comment's thread
view the rest of the comments

[–] FelixCress@lemmy.world 6 points 1 day ago (2 children)

Fuck the cyber idiots and their "change password" requirements.

[–] fenrrs@lemmy.world 9 points 1 day ago (1 children)

Current best practice in cybersecurity is to not arbitrarily ask users to change passwords every x days, so any site doing this are following old guidelines.

[–] dual_sport_dork@lemmy.world 6 points 23 hours ago (1 children)

Yes, because among other things this annoys users into just writing down their password on a Post-It and sticking it to the bottom of their keyboard or monitor ripe for any passerby to take.

I have explained this to various management types repeatedly over the decades and nobody seems to get it.

[–] NaibofTabr@infosec.pub 4 points 23 hours ago (1 children)

I've had success directing people to the NIST password policy guidance.

[–] Draegur@lemmy.zip 1 points 4 hours ago

Wow it's almost as though somebody in there reads xkcd and knows about correct horse battery staple!

[–] negativenull@piefed.world 8 points 1 day ago (1 children)

Static password with good 2FA is the way to go.

[–] mrsemi@lemmy.world 4 points 1 day ago* (last edited 1 day ago) (1 children)

I ran into some app a while back that required 2fa "text you a code" to log in every time.

If you put in the wrong password, it still sent you the 2fa... Which it would accept for login.

I'm honestly not sure if it ever even checked the password.

[–] negativenull@piefed.world 2 points 1 day ago (1 children)

I've seen an increase of sites that bypass passwords altogether and rely on 2fa (claude.ai was one I noticed the otherday)

[–] dual_sport_dork@lemmy.world 6 points 23 hours ago (1 children)

That's... not 2FA anymore. It's reverted to 1FA, now with sprinkles on it.

[–] jaybone@lemmy.zip 3 points 21 hours ago

Those aren’t sprinkles.