passwords should be like “that’s close enough”
@gregthemiller "your heart was totally in the right place"
@uncle_vinny only someone who knew the password would get that close
@gregthemiller "That's incorrect, but I totally see where you're going with this"
@gregthemiller passwords should be like job interviews for attractive people
@gregthemiller Oh, you had caps lock on. That's ok.

@gregthemiller I should be able to decide if my password is good enough, if it needs numbers or special characters. If I want to live dangerously and have my password be "ABCD" they should let me. The lack of personal responsibility these days is worrying to me.

If having a "weak" password bothers them so much, they should have a check box that says "I understand someone might spend thousands of hours trying to brute force my password and gain access to my Panfu account and I'm fine with making it easier for them."


@gregthemiller surely we're advanced enough as a species to build cryptographically irreversible vibe checks
@stash it’s not too much to ask really
@gregthemiller ok, so, I was thinking "homomorphic encryption" and have a circuit that does something like vector similarity... but guess what: it's already been patented **in 2014**. They've literally been keeping it from us.
@gregthemiller The amount of time, getting locked out because my fingers just are having a grumpy day, I kind of agree. Except proper password storage kind of prevents "close enough" being an option.
@JigmeDatse this popped into my head because i was at a friend’s house on a new device and just kinda remembered their wifi password
@gregthemiller Ah, that's a different situation then. Similar result, but different situation.
@gregthemiller that's absolutely possible technically but the tradeoff is that they can't be stored securely by the service you're entering your password into
@gregthemiller Whenever websites are like “you changed this password two months ago,” I want to yell back, “yes and you already know I have terrible ADHD so let’s just agree to pretend that didn’t happen or we’ll both be here all day”

@gregthemiller I came into the replies looking for someone explaining why that isn't cryptographically viable, because this is the Fediverse after all, and I was not disappointed.

Personally, I'd like every password to be checked once as if my keystrokes were on Dvorak, and then again as if they were on Qwerty.

@futzle @gregthemiller

Funny story. Some big banks and investment companies did (don't know if they still do, I haven't checked recently) also store your password in variations of lowercased, stripped of spaces, and my favorite, reduced to US phone key alphabet mapping, and would accept any of them as valid.

They had touch tone phone systems that needed to be able to accept your password, so it kind of made sense, but then the web front end would accept the purely numeric representation too.

@pseudonym @futzle okay that might be too far, but convenient
@gregthemiller "Yeah, pretty much. Go ahead."
@gregthemiller facebook (used to?) do this -- they would hash your password in a few different forms since mobile input fields make it hard to know if you typed the right one. https://www.youtube.com/watch?v=7dPRFoKteIU&t=960s
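Added example, not part of the thread and not any service's actual code: a small, fixed set of typo corrections can be accepted while storing only one salted hash, by transforming the submitted input at login instead of storing extra hashes. The two corrections (caps lock inversion, a mobile keyboard capitalizing the first letter), the PBKDF2 parameters and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this example


def hash_password(password, salt):
    """Salted, slow hash; only this value and the salt are stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enroll(password):
    """Return (salt, stored_hash) for the password exactly as the user chose it."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


def candidates(submitted):
    """Submitted string plus a fixed set of typo corrections (assumed set).

    Every extra candidate is one more guess an attacker gets per attempt,
    so the list stays tiny and never includes lossy forms such as
    all-lowercase or phone-keypad digits.
    """
    out = [submitted]
    swapped = submitted.swapcase()  # caps lock was left on
    if swapped not in out:
        out.append(swapped)
    if submitted and submitted[0].isupper():
        # a mobile keyboard auto-capitalized the first letter
        lowered = submitted[0].lower() + submitted[1:]
        if lowered not in out:
            out.append(lowered)
    return out


def verify(submitted, salt, stored_hash):
    """True if the input or one of its corrections matches the single stored hash."""
    ok = False
    for candidate in candidates(submitted):
        # hash every candidate and compare in constant time
        ok |= hmac.compare_digest(hash_password(candidate, salt), stored_hash)
    return ok
```

An arbitrary "close enough" match is still out of reach here: a near miss that is not one of the listed corrections hashes to an unrelated value and is rejected.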
@gregthemiller "You're in the right ballpark, I'm going to give it to you."
@gregthemiller or maybe hints, "No, no, it's a two syllable word, rhymes with 'gasword.' "
@gregthemiller The UK Department of Work and Pensions does exactly this on their website for claiming government benefits and reporting income!