this post was submitted on 10 Oct 2025

1199 points (99.5% liked)

Programmer Humor

26817 readers

3181 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 2 years ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev

1199

Vibecoding is the future (infosec.pub)

submitted 1 day ago by cm0002@sh.itjust.works to c/programmer_humor@programming.dev

68 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] 8000gnat@reddthat.com 70 points 1 day ago

no factor authentication

[–] Sam_Bass@lemmy.world 40 points 1 day ago (2 children)

They were called scriptkiddies back in the day

[–] REDACTED 10 points 17 hours ago

At least they had real intelligence, doing stuff like this is basically so stupid you'd be clinically braindead

[–] _stranger_@lemmy.world 18 points 1 day ago (2 children)

Has the general discourse settled on a proper epithet for this new version?

"vibe coders" doesn't feel derogatory enough.

[–] 2deck@lemmy.world 4 points 7 hours ago

Agreed, they're getting off light. I've worked with people who felt the code, but werent always able to communicate their ideas. I'd say theyd fit the idea of vibe coding without ai.

The concept is taken, and doesn't describe the intent well. How about "pseudocoders".

[–] glitchdx@lemmy.world 7 points 23 hours ago (1 children)

"vibe coding" was supposed to be derogatory?

[–] _stranger_@lemmy.world 3 points 18 hours ago

My point entirely. It'll probably stick though. Ah well, I'm sure script kiddies were called far more derogatory things that didn't stick either.

[–] pineapplelover@lemmy.dbzer0.com 26 points 1 day ago (2 children)

I will be honest, it took me a good while to figure out what's wrong

[–] MystikIncarnate@lemmy.ca 1 points 5 hours ago

Me too, but I woke up.... Checks watch .... 25 minutes ago, and I'm still pretty out of it.

[–] frostysauce@lemmy.world 3 points 18 hours ago (1 children)

Same. And I came here to comment exactly that.

[–] tomiant@programming.dev 1 points 8 hours ago

I figured it out immediately. I came here to say that.

[–] cupcakezealot@piefed.blahaj.zone 19 points 1 day ago

i'm ashamed to say that took me a while to figure out what was wrong mostly because i didn't think someone would be that dumb.

[–] Treczoks@lemmy.world 25 points 1 day ago (1 children)

This could be vibe coding, or just an intern "doing the web site".

Neither should have write access to production code.

[–] cupcakezealot@piefed.blahaj.zone 5 points 1 day ago (2 children)

i mean either one of those fucked up but it's also on the qa/testing team and the deployment team that they let it GET to production.

[–] melfie@lemy.lol 3 points 21 hours ago (1 children)

You mean the QA teams a lot of companies laid off because management decided the developers (and now AI) can just write all the automated tests?

[–] RagingRobot@lemmy.world 2 points 21 hours ago

Yeah we are shifting left! Engineers are now responsible for testing and QA can go fuck off I guess :(

load more comments (1 replies)

[–] scrubbles@poptalk.scrubbles.tech 202 points 1 day ago* (last edited 1 day ago) (2 children)

You're absolutely right! It doesn't make sense to show the user the 2fa code! removes 2fa completely

[–] pure_bliss@discuss.tchncs.de 10 points 22 hours ago* (last edited 22 hours ago)

[–] Uli@sopuli.xyz 143 points 1 day ago (3 children)

Oh, I get it! You still want 2fa, you just don't want the code to be shown! colors the text white

[–] ThePancakeExperiment@feddit.org 35 points 1 day ago (2 children)

No, no, make it ultra secure and display none it, every website will be a database of important information, you just have to put everything into a hidden table!!

[–] Schmoo@slrpnk.net 2 points 20 hours ago

*Includes it in the URL

[–] PattyMcB@lemmy.world 18 points 1 day ago

Font size 0

[–] Redjard@lemmy.dbzer0.com 16 points 1 day ago

Oh you want the code not rendered into html!
Drops the code in javascript when it is received from the backend.

load more comments (1 replies)

[–] prettybunnys@sh.itjust.works 15 points 1 day ago

This could also be a funny translation issue.

My bank sends a text message to me with the first code and a second code I enter.

They tell me the first code in a similar way so I can verify they sent it to me, then I enter the other code in the text.

[–] cows_are_underrated@feddit.org 20 points 1 day ago (3 children)

Assuming this is real, how the fuck do you fuck up so badly?

[–] rumba@lemmy.zip 6 points 20 hours ago

When I first added 2fa to page, I had a bug and made it do that to compare the values.

production or test, it's likely debug code.

[–] mcv@lemmy.zip 17 points 1 day ago* (last edited 5 hours ago) (1 children)

What!? It's more user friendly this way. No need to make the user switch to a totally different device when you can tell them right here!

(I hate pointing out sarcasm, but it's better not to risk it these days.)

[–] Cevilia@lemmy.blahaj.zone 4 points 1 day ago

(you don't need to apologise for using tone tags, they're a useful accessibility tool and hurt nobody)

load more comments (1 replies)

[–] aarRJaay@lemmy.world 49 points 1 day ago (1 children)

That's up there with: "You cannot use this password, it's already in use by ... "

[–] SethTaylor@lemmy.world 8 points 1 day ago

But that's so practical. Maybe I can contact them and ask them if we can swap. Haha

[–] aberrate_junior_beatnik@midwest.social 110 points 1 day ago (4 children)

It took me way too long to figure out what was wrong with this screenshot

[–] Ilovethebomb@sh.itjust.works 54 points 1 day ago (1 children)

Yeah, same here. I was counting the boxes thinking they'd got the wrong amount of numbers.

load more comments (1 replies)

load more comments (3 replies)

[–] undefined@lemmy.hogru.ch 76 points 1 day ago (16 children)

SMS/email-based 2FA should die.

[–] ColdSideOfYourPillow@anarchist.nexus 53 points 1 day ago (1 children)

Luckily, you don't even need to check SMS or input a valid number with the “verification” in the screenshot!

[–] bamboo@lemmy.blahaj.zone 30 points 1 day ago

mission failed successfully

[–] null@lemmy.nullspace.lol 5 points 1 day ago (1 children)

It's wild how standard SMS is given how (relatively) trivial it is to exploit.

[–] undefined@lemmy.hogru.ch 1 points 20 hours ago

Even with autofilling it on iOS, macOS you still have developers that need to fuck with form fields using JavaScript because they think they’re smarter than you.

[–] nogooduser@lemmy.world 11 points 1 day ago (2 children)

It’s better than nothing and some people would really struggle to do other types of 2FA.

[–] djsoren19@lemmy.blahaj.zone 7 points 1 day ago

I'll be homest with you, some people really struggle with email 2fa. The amount of working Americans I have spoken with who don't understand how to have two tabs open at once is genuinely frightening.

load more comments (1 replies)

load more comments (13 replies)

[–] elvith@feddit.org 32 points 1 day ago

IIRC the screenshot in the tweet is from a shitpost in reddits r/badUIbattles

[–] idunnololz@lemmy.world 15 points 1 day ago (1 children)

Sike! That's the wrong number! /s

[–] Psythik@lemmy.world 22 points 1 day ago* (last edited 1 day ago) (2 children)

It's spelled "psych", as in you're psyching them out.

load more comments (2 replies)

[–] exu@feditown.com 13 points 1 day ago

Just delay accepting the numbers for 10 seconds to simulate the time needed to check SMS and type them.

load more comments