I don't think they actually store any passwords, usually hashes are stored for better security. Of course not everyone does this so yeah thanks to Skeleton.
this post was submitted on 03 Nov 2025
1095 points (98.2% liked)
memes
17922 readers
2803 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads/AI Slop
No advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 2 years ago
MODERATORS
Jokes on me, the bank site doesn't allow for special characters and has a hard limit of 10 characters.
Beat me to it.
Pass","words","Are","fun","\n
Fuck that csv All the way up.
A perspective from someone who red teams for a living:
If I encounter a password like that, I'm probably going to pay special attention to your account among the millions. Commas dont stop most people from being weak to password permutations either.
If you're manually checking the 12 million username password pairs in the leaked database you aren't really going to breach many accounts before people update their passwords, are you?
Yup. Tis a joke.
load more comments
(3 replies)
That's why I use "" to escape the commas.
fun fact, "commas" does not require an apostrophe
Single quotes are another great way to mess with unsanitized data input though
load more comments
(5 replies)
Use EICAR test strings as passwords so when the password is stored as plain text the antivirus software will delete the file.
Dude makes a whole binary of a virus his password.
Doesn't have to be a binary file, toss the string in a txt file and the AV still throws a fit.
According to wikipedia it has to be at the beginning of the test file or it won't work.
load more comments
(1 replies)
Sadly it wouldn't work if found in a CSV file with other records:
According to EICAR's specification the antivirus detects the test file only if it starts with the 68-byte test string and is not more than 128 bytes long. As a result, antiviruses are not expected to raise an alarm on some other document containing the test string
load more comments
(1 replies)
What is an EICAR test string?
a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization to test the response of computer antivirus programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use real malware.
load more comments
(2 replies)
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
load more comments
(1 replies)
load more comments
(5 replies)
Don't add apostrophes to make words plural, that's not how it works.
Until next time
They had to put a comma in there somewhere. Even of it was in the wrong place and upside down.
load more comments
(1 replies)
It works like that in Dutch though. For example in Dutch the plural form for “baby” is “baby’s“
So the person who made this meme probably speaks Dutch.
load more comments
(3 replies)
Thanks to my password manager, commas are among the more tame characters that occur in my passwords.
Hm, now you're making me wonder how feasible it would be to use Emojis in my passwords...
Should work alright if the server handles Unicode correctly, and isn't one of those ass sites that put restrictions on the password's length and composition. Hashing functions don't even care if you're feeding them raw binary.
load more comments
(1 replies)
add apostrophes to your meme to reduce clarity
add apostrophes to your meme to increase engagemeot
he's not wrong though.
CSV has standard escape sequences. This is pointless
See RFC-4180:
That standard won't stop me because I can't read!
CSV existed for over 30 years before RFC 4180. Excel, and countless other tools, have their own incompatible variants. Excel in particular is infamous for mangling separators when exporting to CSV.
Fuck Excel's CSV handing. It differs by locale, silently. Imagine the thousands of people every year who patiently wait to import a multi-megabyte CSV from some instrument only to see garbage because their language uses the decimal comma and semicolon separator.
load more comments
(1 replies)
load more comments
(6 replies)
Add comma's
Add commas what?
Adding an apostrophe makes the s possessive
load more comments
(7 replies)
It'll just get escaped by quotes.
EDIT: it might be a better idea to use non-ascii characters.
Guys calm the fuck down. The point of this joke is not that you’ll be bulletproof a few in sort of a few commas and passwords every now and then. The point is that a lot of these guys use terrible scripts that do not parse data correctly and they dump all of this shit into large CSV files. One or two people put an errand, in there that it doesn’t expect and it fucks the whole thing sideways for the entire set everything after the asshole with the comma password gets fucked. People that know what they’re doing will be just fine with it, but scammers generally don’t know what the fuck they’re doing and they pass this data along over and over and over again it change his hands frequently. So there’s more chances for it to get fucked along the way.
Interesting... I wrote a gag comment about using an SQL injection as my password and crashed the Lemmy API. Using connect if that makes any difference.
load more comments
(7 replies)
Correct me if I'm wrong, but doesn't text with commas in it get put in double quotes in acsv file to avoid this exact thing?
Like if I had cells (1A: this contains no comma), (2B: this, contains a comma), and (3C: end of line), the csv file would store (this contains no comma,"this, contains a comma",end of line)
Yes and no. Like yes, that can be true. But a lot of tools don’t handle commas correctly no matter how you escape them.
A CSV is just a long string of text with a few control characters tossed in for end lines. There are practically no rules enforced by the file type itself. You can dump that unsanitized and poorly awk'd data into whatever awful mess you want. Nobody's stopping you. Sure, excel will force it's CSV formatting rules on you when you export like a child's training wheels. But that's not relevant here.
load more comments
(2 replies)
Sadly, no. CSV files can deal with embedded commas via quoting or escaping. Given that most of the dumps are going to be put together and consumed via common libraries (e.g.python's csv module), that's all going to happen automagically.
load more comments
(6 replies)
view more: next ›