this post was submitted on 13 Mar 2026
1247 points (98.2% liked)

Programmer Humor

30700 readers
2318 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
1247
I love password based login (infosec.pub)
submitted 2 weeks ago by bdjegifjdvw@lemmy.world to c/programmer_humor@programming.dev
176 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] manxu@piefed.social 3 points 2 weeks ago (1 children)

It feels like the factors of authentication discussion misses one important aspect: can the factor be replayed. Passwords can be replayed indefinitely, while the email links you get or the OTP token only work for a short period of time.

I remember it from the bad days when I used LastPass. Suddenly I got a notification that the place had been compromised and I had to suddenly change hundreds of passwords. 90% of them were for sites that didn't even exist any longer, but sifting through the long, long list to go change passwords was more work than I wanted to do.

Don't have to do that if I need to use a one-time token via Aegis or email! I do agree, though, that for low risk sites, username/password is totally fine.

[โ€“] zea_64@lemmy.blahaj.zone 3 points 2 weeks ago

It's a neat option, but should not be forced.