Password mismanager
-
So our company procured, after years of selection and testing, a tool to manage shared passwords (where a team needs access to systems that cannot be easily connected to the federated authentication). So I tried to add the secrets for the service principal and the technical user in there and
⸘Warum, kurwa‽
… the “password” in this case is a “client secret” and is (hopefully) randomly generated by the Azure API, so I can't choose whether it will start with a digit or not.
PS: Note the bonus Engrish.
-
@Bulb The key word "SHOULD" in this
documentPOS is to be interpreted as described in RFC 2119, so fixing it with Tampermonkey is clearly permitted.
-
I don’t think you redacted
2hunterhunter2hunter2hunterhunter2
all too well…@Bulb said in Password mismanager:
PS: Note the bonus Engrish.
Presumably the rest of the message from “ical” etc. was cut off… somehow.
-
Use the rotokas alphabet. It's only 12 letters, so won't be too annoying or run the risk of making the password too long.
-
@LaoC said in Password mismanager:
@Bulb The key word "SHOULD" in this
documentPOS is to be interpreted as described in RFC 2119, so fixing it with Tampermonkey is clearly permitted.The error comes from the server, so it does not seem to be possible.
@kazitor said in Password mismanager:
Presumably the rest of the message from “ical” etc. was cut off… somehow.
I rather presume ESL
-
This post is deleted!
-
… I got
when I posted the two same image links and the post stayed open, but it posted, so it ended up being posted thrice.
-
At least if the password starts with an alphabet, you got about the first 26 characters down. Add in some digits and hieroglyphs and you should be good to go.
-
@topspin said in Password mismanager:
At least if the password starts with an alphabet, you got about the first 26 characters down.
Do alphabets have an inherent order? Or will any permutation qualify? That's four hundred septillion potential passwords right there.
-
@Watson said in Password mismanager:
Do alphabets have an inherent order?
Well, if they don't you can always put their letters in alphabetical — wait a minute!
-
@topspin said in Password mismanager:
At least if the password starts with an alphabet, you got about the first 26 characters down.
There are alphabets with fewer or more than 26 letters, though.
-
@Gurth said in Password mismanager:
@topspin said in Password mismanager:
At least if the password starts with an alphabet, you got about the first 26 characters down.
There are alphabets with fewer or more than 26 letters, though.
True, and there are oddities like the Welsh alphabet, which doesn't have K, Q, X, or Z, but does have ch, dd, ff, ng, ll, ph, rh, th as separate letters. Words starting with 'ch' are sorted between "cy" words and "da" words, for example. Adding to the confusion is that lovely "ng", which might be an "ng", or it might be an "n" and a "g". (e.g. penglog = skull does not have an "ng" digraph, because it is pen+glog)
-
@Steve_The_Cynic We have “letter” ‘ch’ in Czech as well, and it sorts between ‘h’ and ‘i’. But I think @topspin meant the other alphabets altogether. After all the word “alphabet” comes from alpha beta, the names of the first two Greek letters.
… strangely enough the password mismanager also has a “personal” section and in that section not only digits, but also non-latin passwords like ‘αβγδ’ are accepted just fine.
-
I'm surprised that nobody has yet speculated on what horrible monstrosity lurks under the requirement that a password should begin with a letter.
-
@GOG
Sounds like a requirement for some legacy/LOB/2Big2Bad software
-
@Luhmann Or what someone on a committee somewhere thought was a requirement.
-
@dkf could be a reaction to people going from
1password
to2password
, etc and the poor dev in charge just threw up his hands and gave in to the who demanded they prevent that.
-
@GOG said in Password mismanager:
I'm surprised that nobody has yet speculated on what horrible monstrosity lurks under the requirement that a password should begin with a letter.
Best case: idiotic password policy, completely arbitrary.
Worst case: it's used as a variable name somewhere ineval
d code.INB4: that's not
a knifethe worst case, this is the worst case. Bring it on.
-
@boomzilla said in Password mismanager:
@dkf could be a reaction to people going from
1password
to2password
, etcbut those are probably a reaction to the rules outlawing a change from password1 to password2
-
@Luhmann it's non-alphabets all the way down!
-
@GOG said in Password mismanager:
I'm surprised that nobody has yet speculated on what horrible monstrosity lurks under the requirement that a password should begin with a letter.
The weirdest part is that, as mentioned just above, the requirement does not apply to all of the software, just some parts. Other parts happily accept even symbols that can't be written on usual keyboard layout for the selected language.
-
@GOG said in Password mismanager:
I'm surprised that nobody has yet speculated on what horrible monstrosity lurks under the requirement that a password should begin with a letter.
Paging Bobby...
-
@Steve_The_Cynic said in Password mismanager:
there are oddities like the Welsh
As someone with Welsh ancestry, I am both offended and in complete agreement.
-
@Steve_The_Cynic said in Password mismanager:
@Gurth said in Password mismanager:
@topspin said in Password mismanager:
At least if the password starts with an alphabet, you got about the first 26 characters down.
There are alphabets with fewer or more than 26 letters, though.
True, and there are oddities like the Welsh alphabet, which doesn't have K, Q, X, or Z, but does have ch, dd, ff, ng, ll, ph, rh, th as separate letters. Words starting with 'ch' are sorted between "cy" words and "da" words, for example. Adding to the confusion is that lovely "ng", which might be an "ng", or it might be an "n" and a "g". (e.g. penglog = skull does not have an "ng" digraph, because it is pen+glog)
Dutch has something similar with ij. It's not considered a letter in the alphabet, and it's sorted as the separate letters are, but when at the start of a name both letters are capitalized together (hence IJsselmeer not Ijsselmeer)
-
@PleegWat and what about that odd y with 2 dots on top? Isn't that the same anymore?
-
@BernieTheBernie Same thing, basically. In handwriting it commonly becomes a single letter, though the letter shape is different than ÿ. The Y is in the dutch alphabet, but is only used in loanwords (typically English).