this post was submitted on 24 Jun 2023
554 points (98.9% liked)

Linux

48738 readers
996 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by AlpΓ‘r-Etele MΓ©der, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 2 years ago* (last edited 2 years ago) (1 children)

Can't login, it says my password is incorrect

Edit: before someone tells me to put in my correct password, I use copy&paste from a password manager

[–] [email protected] 20 points 2 years ago (3 children)

Is your password longer than 60 characters? If so, you should know that your actual password was truncated to 60 chars at the time of account creation. You won't notice on the website because the login webform automatically truncates characters beyond the limit, but most 3rd-party apps don't do this because it's an undocumented thing.

Basically, my advice would be to update the password in your password manager to be truncated to 60 characters and then try logging in with the app again.

[–] impulse 9 points 2 years ago (2 children)

What kind of maniac would use a password that's longer than 60 characters?

I get that password managers are standard now, but anything outside the norm is just asking for trouble. I vividly remember updating a client's webfrom to reject emojis in passwords, because for some reason people started using them and it wrecked havoc in the backend.

[–] [email protected] 11 points 2 years ago

What kind of maniac would use a password that’s longer than 60 characters?

side-eye "sus" monkey puppet meme

[–] [email protected] 1 points 2 years ago

Personally I would consider truncating passwords or even having password max length problematic. First of all you will need to update the length as soon as it would be considered too short, not to mention all the passwords you now need to migrate. It can also imply that you're not using standard techniques for password storage.

[–] [email protected] 7 points 2 years ago (1 children)

That was actually the thing, thanks a lot.

[–] [email protected] 9 points 2 years ago (1 children)

Oh man, the feeling of solving an obscure issue on the first try without having to ask for any extra hints: chef's kiss. I'm glad I could be of assistance!

[–] [email protected] 3 points 2 years ago (1 children)

I am very glad, also impressed by that detailed knowledge, are you working on/with lemmy? I'd whip out an award, but here are only poor men awards πŸ…πŸ†

[–] [email protected] 1 points 2 years ago (1 children)

Nah, I was just playing around with the API and spent the better part of a day trying to figure out why authentication wasn't working for me (I'd been using a 64 character password 🀦)

[–] [email protected] 4 points 2 years ago (1 children)

By which component is the password truncated on account-creation? Imo, the web UI shouldn't do that without at least warning the user. Such long passwords might be a corner-case, but if the UI changes the password in any way before submitting it to the server, I think the user should see a big fat red notification. What if an account was created using a different client? The user wouldn't be able to log in using the web-ui because the web-ui refuses to send the unmodified password?

If the password is truncated server-side during account creation, the server should do the same during login, the UI or client wouldn't even have to know about it.

[–] [email protected] 3 points 2 years ago

I agree that it's stupid and needs to be changed.

In any case, this is a lemmy UI thing, though the backend isn't helping when it reports a generic bad password error instead of notifying the client that the provided password was technically impossible:

  • Issue regarding the ui silently truncating the password: lemmy-ui/#1120
  • Issue regarding the backend error issue: lemmy/#3284