Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Bonus points are given when they handle truncating your password differently in the initial validation vs authentication and it fails silently!


Or, even more hilariously, that said truncation happens on the client, and varies between different clients that they have. I personally ran into this with Wells Fargo, where their mobile app would leave one more (or one less, I don't remember exactly now) character than their website.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: