560
you are viewing a single comment's thread
view the rest of the comments
[-] Serinus@lemmy.world 3 points 2 months ago

but they don't want to come out and tell you about it.

It also doesn't require a code change to continue blaming the user when you invalidate all current passwords.

It's a couple database queries to move all current passwords to old passwords, and change current (hashed) password for everyone to "deadbeef". Nobody can guess a value that adds to their salt and hashes to "deadbeef", and you get this behavior.

this post was submitted on 26 May 2025
560 points (96.4% liked)

Cybersecurity - Memes

3220 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS