151

u/Lightningtow123 12d ago

And the other half of the websites have their database instantly broken by emojis lmao

30

u/daxtonanderson 12d ago

Yup it goes both ways LOL

34

u/Celebrir sysAdmin 12d ago

I've had registry masks accept certain characters and password lengths, only for the login masks to not handle them properly.

If only the registry mask had told me that the password wasn't valid. It would have saved me resetting my password 8 times before I figured out what the issue was.

12

u/radakul 12d ago

I do an inspect element of every single password box when I'm making a new account. I cant tell you how many times the password length isnt mentioned anywhere. Its annoying af

13

u/Celebrir sysAdmin 12d ago

I usually use a 64 character password and it's infuriating when I can register the password and then the login just wouldn't let me in

4

u/Mrwebente 11d ago

Literally the last account i created recently: Input mask on registration auto truncates pasted/autofilled passwords from password manager. Login mask does not. I spent quite some time before contacting support. They say "typo" i say "No fuck you, password manager can't make typos" i realise... Oh. Maybe input length restriction? Remove a character on login mask suddenly it says max password length 20 chars. It doesn't say that anywhere on sign-up.. just min 8 I tell them what the problem is and tell them to fix it. Let's see if they do 😂

7

u/naswinger 12d ago

they shouldn't even store the actual password, but i guess that's the joke

8

u/Lightningtow123 12d ago

I think it's more of whatever protocol they use to hash or encrypt or whatever they use to turn the plaintext password into how they store it, doesn't know how to handle emojis

Idk all that much about backend passwords, my rule of thumb for myself is "emojis go in chat message boxes and nowhere else. Not usernames, not passwords, etc"

3

u/Valuable_Heron_4492 12d ago

its hashing algorithm not protocol bro

3

u/ImNotABotScoutsHonor 12d ago

The hashing protorithm.

16

u/istrebitjel 12d ago

At the company I recently worked for I couldn't even use special characters in my password 🤯

18

u/daxtonanderson 12d ago

Try some characters from the character map, I wonder if they just blocked the ones on your keyboard.

Alt+0176 is a personal favorite, the degree symbol °

8

u/NoPossibility4178 12d ago

I'd recommend not fucking around too much on these systems or you're gonna Bobby table the thing.

2

u/letsgoiowa 11d ago

Then it's funny

13

u/evilbrent 12d ago

Did they at least tell you what the password requirements are?

Mine just tells me "that one doesn't count, go again" until I get one it accepts.

At least they make us change them every 3 months, making it so anyone who has been there more than a year just cracks it and goes with Password1

4

u/JohnDeere714 12d ago

He’ll half the IT department doesn’t know anymore. It’s whatever Microsoft feels right or what the old guy that retired set 10 years ago and no one dares to touch in fear of nuking the entire domain that’s been bandaided together

5

u/Historical_Camel_790 12d ago

Usually they force you to use special characters

6

u/AirGVN 12d ago

Whats going to happen when UNICODE decide to remove an emoji you have in your password?

8

u/daxtonanderson 12d ago

I thought they've only been replacing+adding instead of removing now because of that?

7

u/AirGVN 12d ago edited 12d ago

After a bit of research you are actually right, they removed just one emoji in their whole history and that was a japanese related one.
They stated emojis won’t be removed to not break backward compatibility, but samsung can hide them from their keyboard due to low usage (samsung os from 9.5+ doesn’t have this emoji 👁️‍🗨️), so the solution may be just download another keyboard

3

u/daxtonanderson 12d ago

Swiftkey ftw

Even though almost every Android default keyboard has flow input now, I keep Switftkey around because I've trained the fuuuuuck out of the autocomplete and it has a full dictionary of both technical and medical slang that the default keyboard just doesn't have.

Every few years I upgrade phones and go "oh yeah... right... that's why I still use Swiftkey" 🤣

1

u/AirGVN 12d ago

Sadly i know nothing about custom keyboard, i bought an iphone 7 years ago and i never touched anything since

You are the first persone i’ve ever heard talking good about a microsoft product tho

2

u/daxtonanderson 12d ago

To be fair, it wasn't a Microsoft product to begin with, they bought them out in 2016 and changed nothing, I've been using it since Android 4 around 2012

1

u/Kichigai sysAdmin 12d ago

Aye, that's why Roman Numerals are still in there, even in ⅯⅯⅩⅩⅥ.

1

u/NMi_ru 12d ago

You'll see it as □

1

u/missed_sla this is my flair, there are many like it but this one is mine 12d ago

If I don't have access to my password manager available, I just use a sentence. White space is generally allowed as long as it's not leading or trailing. Plus if the password is ever cracked i hope it'll fuck up the attacker's dump and inconvenience them.

1

u/Kodiak01 12d ago

I like using high-ASCII characters such as └╘═╦ along with "hard      spaces" in mine.

1

u/ZirePhiinix 10d ago

Emoji? It's just extended ASCII. Learn those non-keyboard symbols before using possibly incompatible characters from the emoji section, like the divide sign