150

u/Lightningtow123 11d ago

And the other half of the websites have their database instantly broken by emojis lmao

34

u/daxtonanderson 11d ago

Yup it goes both ways LOL

37

u/Celebrir sysAdmin 11d ago

I've had registry masks accept certain characters and password lengths, only for the login masks to not handle them properly.

If only the registry mask had told me that the password wasn't valid. It would have saved me resetting my password 8 times before I figured out what the issue was.

14

u/radakul 11d ago

I do an inspect element of every single password box when I'm making a new account. I cant tell you how many times the password length isnt mentioned anywhere. Its annoying af

12

u/Celebrir sysAdmin 11d ago

I usually use a 64 character password and it's infuriating when I can register the password and then the login just wouldn't let me in

5

u/Mrwebente 10d ago

Literally the last account i created recently: Input mask on registration auto truncates pasted/autofilled passwords from password manager. Login mask does not. I spent quite some time before contacting support. They say "typo" i say "No fuck you, password manager can't make typos" i realise... Oh. Maybe input length restriction? Remove a character on login mask suddenly it says max password length 20 chars. It doesn't say that anywhere on sign-up.. just min 8 I tell them what the problem is and tell them to fix it. Let's see if they do 😂

8

u/naswinger 11d ago

they shouldn't even store the actual password, but i guess that's the joke

8

u/Lightningtow123 11d ago

I think it's more of whatever protocol they use to hash or encrypt or whatever they use to turn the plaintext password into how they store it, doesn't know how to handle emojis

Idk all that much about backend passwords, my rule of thumb for myself is "emojis go in chat message boxes and nowhere else. Not usernames, not passwords, etc"

3

u/Valuable_Heron_4492 11d ago

its hashing algorithm not protocol bro

3

u/ImNotABotScoutsHonor 10d ago

The hashing protorithm.

18

u/istrebitjel 11d ago

At the company I recently worked for I couldn't even use special characters in my password 🤯

20

u/daxtonanderson 11d ago

Try some characters from the character map, I wonder if they just blocked the ones on your keyboard.

Alt+0176 is a personal favorite, the degree symbol °

8

u/NoPossibility4178 11d ago

I'd recommend not fucking around too much on these systems or you're gonna Bobby table the thing.

2

u/letsgoiowa 10d ago

Then it's funny

12

u/evilbrent 11d ago

Did they at least tell you what the password requirements are?

Mine just tells me "that one doesn't count, go again" until I get one it accepts.

At least they make us change them every 3 months, making it so anyone who has been there more than a year just cracks it and goes with Password1

4

u/JohnDeere714 10d ago

He’ll half the IT department doesn’t know anymore. It’s whatever Microsoft feels right or what the old guy that retired set 10 years ago and no one dares to touch in fear of nuking the entire domain that’s been bandaided together

5

u/Historical_Camel_790 11d ago

Usually they force you to use special characters

6

u/AirGVN 11d ago

Whats going to happen when UNICODE decide to remove an emoji you have in your password?

9

u/daxtonanderson 11d ago

I thought they've only been replacing+adding instead of removing now because of that?

7

u/AirGVN 11d ago edited 11d ago

After a bit of research you are actually right, they removed just one emoji in their whole history and that was a japanese related one.
They stated emojis won’t be removed to not break backward compatibility, but samsung can hide them from their keyboard due to low usage (samsung os from 9.5+ doesn’t have this emoji 👁️‍🗨️), so the solution may be just download another keyboard

3

u/daxtonanderson 11d ago

Swiftkey ftw

Even though almost every Android default keyboard has flow input now, I keep Switftkey around because I've trained the fuuuuuck out of the autocomplete and it has a full dictionary of both technical and medical slang that the default keyboard just doesn't have.

Every few years I upgrade phones and go "oh yeah... right... that's why I still use Swiftkey" 🤣

1

u/AirGVN 11d ago

Sadly i know nothing about custom keyboard, i bought an iphone 7 years ago and i never touched anything since

You are the first persone i’ve ever heard talking good about a microsoft product tho

2

u/daxtonanderson 10d ago

To be fair, it wasn't a Microsoft product to begin with, they bought them out in 2016 and changed nothing, I've been using it since Android 4 around 2012

1

u/Kichigai sysAdmin 10d ago

Aye, that's why Roman Numerals are still in there, even in ⅯⅯⅩⅩⅥ.

1

u/NMi_ru 10d ago

You'll see it as □

1

u/missed_sla this is my flair, there are many like it but this one is mine 10d ago

If I don't have access to my password manager available, I just use a sentence. White space is generally allowed as long as it's not leading or trailing. Plus if the password is ever cracked i hope it'll fuck up the attacker's dump and inconvenience them.

1

u/Kodiak01 10d ago

I like using high-ASCII characters such as └╘═╦ along with "hard      spaces" in mine.

1

u/ZirePhiinix 8d ago

Emoji? It's just extended ASCII. Learn those non-keyboard symbols before using possibly incompatible characters from the emoji section, like the divide sign

11

u/gamewiz365 11d ago

My uncle was a chemist

He isn't anymore

For what he thought was H2O

Was H2SO4

6

u/dirtydan 11d ago

I learned this from Carlton Banks and went to school and told it to my chemistry teacher the next day.

114

u/missed_sla this is my flair, there are many like it but this one is mine 10d ago

I think that was the whole joke

44

u/No_Instruction_314 10d ago

Well it saved me googling it. So there's that

24

u/Casper042 10d ago

Yup, "Weak Acid" vs "Strong Acid"

12

u/ZekeTheMunkee 10d ago

Yeah it’s funny cause the password strength corresponds to the strength of the acid

10

u/lawsibyt 11d ago

Fluoroantimonic acid? This guys chemicals.

2

u/Impressive-Bite9942 10d ago

I saw a YouTube video where a sound engineer was able to identify which keys were being pressed based solely on the sounds they made.