Cybersecurity - Memes

2063 readers

1 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago

MODERATORS

[email protected]

304

I hate passwords (feddit.org)

submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]

54 comments fedilink hide all child comments

How on earth can you both not accept the password I copied from my password safe and tell me that I cannot use the same pasaword again?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 1 week ago (2 children)

I've never really understood why most systems are set up to reject a password reset if it's the same password. Is there a security issue there that I'm not picking up on?

It seems like they should just let you reset your password anyway if you've reached that screen (usually using some kind of authorisation, like using a link with a token in it that gets emailed to you or something).

[–] [email protected] 4 points 1 week ago (2 children)

The security risk I see is that the cause of you resetting your password could be that it is leaked. For that case, it is good to remind the user that they shouldn't override it with their current password. That said it would be nice to have a "I know what I am doing" option and allow it anyway

[–] [email protected] 4 points 1 week ago

If you forgot your password and are trying to reset it with the exact same password you forgot, then you obviously don't know what you are doing.

[–] [email protected] 1 points 1 week ago

Ah, that's a great point!

[–] [email protected] 2 points 1 week ago

Having a "change password" option that allows you to not change your password would be somewhat strange ;)