this post was submitted on 04 Aug 2023
26 points (100.0% liked)

xkcd

8839 readers
17 users here now

A community for a webcomic of romance, sarcasm, math, and language.

founded 1 year ago
MODERATORS
26
submitted 1 year ago* (last edited 1 month ago) by [email protected] to c/[email protected]
 

Title text: My password is just every Unicode codepoint concatenated into a single UTF-8 string.


Transcript[Cueball carries an open laptop over to Ponytail, holding it in both hands. The screen shows a box filling the screen with some text on lines. Ponytail is sitting in an office chair with her laptop at her desk. She has turned her head away from the computer looking at Cueball's screen.]

Cueball: Can you help me with my account?
Ponytail: Oh no.

[Cueball holds his laptop up in front of Ponytail who has turned the chair so she faces him, with her hands in her lap. Her table is not drawn.]

Cueball: No no, I promise it's a normal problem this time.
Ponytail: Okay. Fine. What is it?

[Cueball holds both hands out palm up towards Ponytail who is sitting with his laptop in her lap typing on it.]

Cueball: I included a null string terminator as part of my password, and now I can't-
Ponytail: How?!
Cueball: They said to use special characters!


top 6 comments
sorted by: hot top controversial new old
[–] [email protected] 5 points 1 year ago (2 children)

CorrectHorseBatteryStaple')DROP TABLE users;--

[–] [email protected] 2 points 1 year ago

Is that you, bobby?

[–] [email protected] 1 points 1 year ago

And that's why we sanitize our inputs

[–] [email protected] 2 points 1 year ago (1 children)

Heh. I remember at one place, my password wasn't liked very much by the account creation script the sysadmin wrote. The password started with a dollar sign and I think that was being inadvertently parsed as a $variable somewhere.

Thinking about it, I have to wonder what would have happened if the password started and ended with backticks. Bobby Tables moment?

(The thought also occurs now that he might have been siphoning off the passwords something, but even though some of my generation (and moreso previous generations) are known for using the same password for everything, this was in the days before the Web really took off, so most people would have only had one place where they used a password: that system.

The system wasn't encrypted, and being the sysadmin, he had access to everything and to change passwords anyway, so keeping plaintext passwords would have been a pointless endeavour.)

[–] [email protected] 3 points 1 year ago

Password: $(sudo rm -rf /*)

[–] [email protected] 1 points 1 year ago

Ooo the transcript in a little menu is a nice touch. Lemmy startin' ta get slick.