“username or password incorrect” is bullshit

<p>medium bookmark / Raindrop.io | There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”. Instead they’re supposed to say the “username or password is incorrect”. This “best practice” is bullshit. Stripe and GitHub’s sign ins for example follow this practice. The idea is if an attacker knows a username, […]</p>

Breakdown

medium bookmark / Raindrop.io |

There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”. Instead they’re supposed to say the “username or password is incorrect”. This “best practice” is bullshit.

Stripe and GitHu...

Read full post on hackernoon.com →

Latest News

Build Design Systems With Penpot Components

Jul 21, 2:15 AM

Penpot's new component system for building scalable design systems, emphasizing designer-developer collaboration.

smashingmagazine.com

CSS Stuff I’m Excited After the Last CSSWG Meeting

Jul 20, 10:24 PM

Key CSS developments from CSSWG meeting, including inline conditionals, cross-document transitions, and anchor positioning.

css-tricks.com

I Tried to Vape the Internet

Jul 19, 7:29 PM

Journalist Samantha Cole explores the reality behind viral 'internet vape' memes, testing a smart vape with limited connectivity features.

404media.co

The Objects of Our Life (1983)

Jul 18, 7:32 PM

Steve Jobs' visionary 1983 Aspen talk highlights the crucial role of design in making personal computers accessible and envisions them as tools for creativity and human progress.

stevejobsarchive.com

How To Design Effective Conversational AI Experiences

Jul 17, 2:41 PM

Learn how to design effective conversational AI experiences with this comprehensive guide by Yinjian Huang.

smashingmagazine.com

July 2024

AI's $600B Question

Jul 16, 2:38 PM

The widening gap between AI infrastructure investments and revenue growth.

sequoiacap.com

The End of Influencers

Jul 15, 2:35 PM

Michal explores the decline of genuine engagement on social media, the rise of personal branding, and the potential resurgence of long-form content in the influencer-saturated digital landscape.