this post was submitted on 11 Aug 2024
839 points (98.4% liked)

memes

10312 readers
1601 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to [email protected]

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

Sister communities

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 21 points 3 months ago* (last edited 3 months ago) (2 children)

This usually means that your old password expired and the system didnt notify you. Basically, your account is inactive until you set a new password.

[–] [email protected] 14 points 3 months ago (2 children)

Any system I've ever used that expires passwords, forces you to set a new one upon logging in with the expired one.

It doesn't just lock you out and expect you to figure out on your own that you've gotta reset it via the 'forgot your password' link.

[–] [email protected] 8 points 3 months ago

Those systems are well designed (save for the part that they're using password expiry)

There are a lot more shitty programmers out there than good ones

[–] [email protected] 6 points 3 months ago

Oh, Microsoft Active Directory does this, when you log in via a method that doesn't allow changing the passwords (e.g. VPN login over RADIUS).

[–] [email protected] 3 points 3 months ago

That, or the system has a transparent lockout, where if you type your password wrong for e.g. 3 times it'll stop accepting new tries for a specific duration to stop people trying to guess the password. I've run into this type of brute forcing prevention multiple times, though IMO the correct approach would be 2FA coupled with proper passwords instead.