WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

916

(post is archived)

[–] 1 pt

You think thats bad? I don't know if it's still the same today, but a few years back I helped an executive who was being spied on by his wife. She logged into his twitter account on his phone and was monitoring his DM's. He changed his password to try and prevent it and it never locked out his wife's login with the old password. Apparently, that token just never expires and a correct password isn't necessary. It was pretty hilarious to us.

[–] 0 pt

I'm sure they didn't tell anyone.

[–] 0 pt

Who needs strong password policies. Just store the shit on sticky notes in the office it'll be fine.

[–] 0 pt

Everyone in the military does this or something similar, because the reset policies are/were so oppressive (every 90 days), AND because you needed 12+ different websites to function, and they all had similar (but not identical) PW rules from whenever some contractor wrote them...

shit you not, I bet a double-digit percent of a ship's crew has SIPRnet logins of asdfASDF1234!@#$