memes

17922 readers

2905 users here now

Community rules

1. Be civil

No trolling, bigotry or other insulting / annoying behaviour

2. No politics

This is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent reposts

Check for reposts when posting a meme, you can only repost after 1 month

4. No bots

No bots without the express approval of the mods or the admins

5. No Spam/Ads/AI Slop

No advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

!tenforward@lemmy.world : Star Trek memes, chat and shitposts
!lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
!linuxmemes@lemmy.world : Linux themed memes
!comicstrips@lemmy.world : for those who love comic stories.

founded 2 years ago

MODERATORS

Tenthrow@lemmy.world

The_Picard_Maneuver@lemmy.world

The_Picard_Maneuver@startrek.website

683

But it kinda works tho... (infosec.pub)

submitted 2 weeks ago by Lasherz12@lemmy.world to c/memes@lemmy.world

40 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] MyTurtleSwimsUpsideDown@fedia.io 75 points 2 weeks ago (1 children)

It rejects the first [correct] login attempt (it’s worded poorly). It assumes that a brute force attacker will try any given password once and move on, while a human user will think they made a typo and try again. This works until the attacker realizes that it takes two attempts, in which case it merely doubles the attempts required to breach the account, and simply requiring an additional password character would be vastly more effective.

[–] snooggums@piefed.world 37 points 2 weeks ago (5 children)

What a shitty user experience for regular users.

[–] dreadbeef@lemmy.dbzer0.com 92 points 2 weeks ago (1 children)

which is why they made a comic instead of a revolutionary thought leading blog post

[–] taiyang@lemmy.world 14 points 2 weeks ago

Hey now, I'm sure there's someone on LinkedIn suggesting this exact thing with layers of corporate speak.

[–] ICastFist@programming.dev 15 points 2 weeks ago

Just like captcha

[–] MyTurtleSwimsUpsideDown@fedia.io 15 points 2 weeks ago

Agreed, and also makes it readily known that that is what you are doing.

The sneakier more user friendly way to implement it would be to require the second correct attempt only if the user has made an incorrect attempt since the last successful login.

[–] petersr@lemmy.world 4 points 2 weeks ago

Look, we all need to pay a little for the greater good of security.

[–] Smoogs@lemmy.world 4 points 2 weeks ago

Yup it’s like how software companies will get a hate on for pirates and take it out on their loyal paying cutosmers