>forgot password to websight
>click "recover my account"
>they sent it in cleartext
Forgot password to websight
Jayden Clark
Other urls found in this thread:
Andrew Rivera
>implying the email wasn't encrypted
Logan Reed
Blake Watson
I work for a company that makes government websites and we send them in planetext unecrypted emails
Robert Lewis
>websight
stupid frogposter
Brandon Moore
>account registration
>no password specs to be seen
>enter auto-generated 64 symbol string
>login only allows a shorter string of unknown length
Jack Gonzalez
>use 64 character password
>it accepts it
>go to login
>not accepted
>cut it down to 8 characters
>it works
Isaac Myers
Lol if this was in the Netherlands you'd be fined till you bleed dead.
Kevin Robinson
That's what I meant, yeah.
Hunter Rivera
>forgot password and username to steam account
>try to SSH into my home server to find account info I keep in an encrypted file
>forgot my server's password
>get home, forget password to login to windows
>use my ubuntu live usb to bypass windows login and get that encrypted file
>forgot password to encrypted file
>try to google how to recover password to an encrypted file
>can't connect to internet, forgot wifi password
>hold red button on back of router to reset it, finally get on internet
>google is useless
>download program to hack the encrypted file
>can't get program to work, forgot bitcoin wallet password
>call steam support and after 6 hours of talking, being put on hold, and sending them photos of myself, they tell me the username and email of my steam account
>use steam account recovery
>doesn't work, forgot password to gmail account
>give up and make all new accounts and use phone verification for everything this time
never fall for the "phone verification is bad" meme from paranoid tinfoil fedora vir/g/ins
Carson Lee
>online library credentials are used to access 6 different services
>only password allowed is a 10-digit string
Jaxson Anderson
pizza hut did that to me
good thing the reason I needed to recover the password was because it was the one website where I used a different password
Tyler Sanders
>webshop processes credit card payments
>encrypt CC details in base64
Justin Gray
>never fall for the "phone verification is bad" meme
Alternatively, you could try not forgetting every password to every service you use.
Austin Martinez
>reinstalled windows
>lying in bed with laptop when I remember I want to use my google calendar in the windows calendar app
>about to log into my google account
>remember I need to phone verify
>phone is on the other side of sleeping girlfriend
UGH
Adrian Allen
>get university library card
>"btw your password is your birth date"
>"can I change that?"
>"no"
Isaiah Price
If only routers had little plugs to directly connect to computers.
Andrew Roberts
>What is SIM swap fruad
Aiden Miller
My uni did something similar, except the password was the student's last name and 4 random digits.
Needless to say a bruteforcer was quickly written and some students as well as some professors started sending really gross e-mails to the whole campus.
Ryan Hill
did they change anything?
signups for exams at my university are via a non-ssl website accessible w/ username and password, so students often steal their peers' credentials and sign them up for random exams.
they also used to have a policy that once you signed up for an exam you're signed up forever, until you pass or drop out after failing it three times, which they finally changed this year.
Owen Green
They first added a rate control but it resulted in a lot of students locked out of their account so after a while they would send credentials via postal mail and required students to change their password after their first login.