this post was submitted on 21 Jan 2025
465 points (98.1% liked)

memes

11291 readers
4578 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to [email protected]

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

founded 2 years ago
MODERATORS
Tenthrow
The_Picard_Maneuver
[email protected]
465
I'm going to kill all of you (lemmy.world)
submitted 1 week ago by Stamets to c/memes
25 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 week ago (1 children)

That or you just being obligated to change your password.

[–] RememberTheApollo_ 8 points 1 week ago (2 children)

Yeah, this. There are sites for some maddening reason that don't bother to tell you it's time to change your password, they just force you to reset it without telling you why. Gotta be some kind of lazy shortcut to do it this way and not prompt the user that a password change is required.

[–] [email protected] 2 points 1 week ago (1 children)

Maybe it was just time, maybe your password got scrambled because your account was compromised: They'll never tell!

[–] RememberTheApollo_ 3 points 1 week ago (1 children)

Maybe for some. Government sites that I use do this deliberately (not accept your current password) to make you change it. Pretty frustrating the first few times it happened, but now I know that when this happens it's because of a password change requirement. It's been years and they still haven't just made a "time to change" prompt.

[–] [email protected] 1 points 1 week ago

It's pretty common in general but at least some of them actually do you the courtesy of letting you know.

[–] Buddahriffic 1 points 1 week ago

It's frustrating but it does give information to attackers. If an attacker just sees the login attempt was rejected, then they have no idea if it was because the password changed, the user entered it wrong in the phishing form, the user realized it was a phishing attempt and gave garbage to fuck with them, the password expired, or if the service provider is on to them.

If an attacker sees "your password has been reset and you must set a new one" then they have some information that could be used to social engineer their way into the account. Especially if it's a work account where the email is behind the same password.