no factor authentication
this post was submitted on 10 Oct 2025
1222 points (99.5% liked)
Programmer Humor
26827 readers
2369 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
They were called scriptkiddies back in the day
At least they had real intelligence, doing stuff like this is basically so stupid you'd be clinically braindead
Has the general discourse settled on a proper epithet for this new version?
"vibe coders" doesn't feel derogatory enough.
Agreed, they're getting off light. I've worked with people who felt the code, but werent always able to communicate their ideas. I'd say theyd fit the idea of vibe coding without ai.
The concept is taken, and doesn't describe the intent well. How about "pseudocoders".
"vibe coding" was supposed to be derogatory?
Yes. The original post that coined the term was using "vibe coding" to indicate how problematic it is to build software by generating code based on vague prompts.
But a lot of people didn't read the entire post and just thought the term sounded cool and used it as if it was positive thing.
Now we're seeing the negative impacts of vibe coding, just as the original post predicted. So it started as derogatory, somehow became something positive, but it's going back to being derogatory again.
My point entirely. It'll probably stick though. Ah well, I'm sure script kiddies were called far more derogatory things that didn't stick either.
I will be honest, it took me a good while to figure out what's wrong
Me too, but I woke up.... Checks watch .... 25 minutes ago, and I'm still pretty out of it.
Same. And I came here to comment exactly that.
I figured it out immediately. I came here to say that.
i'm ashamed to say that took me a while to figure out what was wrong mostly because i didn't think someone would be that dumb.
You're absolutely right! It doesn't make sense to show the user the 2fa code! removes 2fa completely
Oh, I get it! You still want 2fa, you just don't want the code to be shown! colors the text white
No, no, make it ultra secure and display none it, every website will be a database of important information, you just have to put everything into a hidden table!!
*Includes it in the URL
Font size 0
Oh you want the code not rendered into html!
Drops the code in javascript when it is received from the backend.
load more comments
(1 replies)
This could be vibe coding, or just an intern "doing the web site".
Neither should have write access to production code.
i mean either one of those fucked up but it's also on the qa/testing team and the deployment team that they let it GET to production.
O saved the ass of the company I worked for at software QA multiple times 🤭
Most of the time, it was just miscommunication between decision makers and devs and I had to explain to both why it is not working how it is now and that none of them is clearly to blame for the situation.
I still work for that company, but manage IT infrastructure now, but I am confident that my successor will still do good job, than unlike me, he has a proper education in programming, 😂 I was literally in vibe code state
(Thank you AI)
You mean the QA teams a lot of companies laid off because management decided the developers (and now AI) can just write all the automated tests?
Yeah we are shifting left! Engineers are now responsible for testing and QA can go fuck off I guess :(
load more comments
(1 replies)
This could also be a funny translation issue.
My bank sends a text message to me with the first code and a second code I enter.
They tell me the first code in a similar way so I can verify they sent it to me, then I enter the other code in the text.
That's up there with: "You cannot use this password, it's already in use by ... "
But that's so practical. Maybe I can contact them and ask them if we can swap. Haha
Assuming this is real, how the fuck do you fuck up so badly?
When I first added 2fa to page, I had a bug and made it do that to compare the values.
production or test, it's likely debug code.
What!? It's more user friendly this way. No need to make the user switch to a totally different device when you can tell them right here!
/s
(I hate pointing out sarcasm, but it's better not to risk it these days.)
(you don't need to apologise for using tone tags, they're a useful accessibility tool and hurt nobody)
load more comments
(1 replies)
It took me way too long to figure out what was wrong with this screenshot
Yeah, same here. I was counting the boxes thinking they'd got the wrong amount of numbers.
load more comments
(1 replies)
load more comments
(3 replies)
SMS/email-based 2FA should die.
Luckily, you don't even need to check SMS or input a valid number with the “verification” in the screenshot!
mission failed successfully
It's wild how standard SMS is given how (relatively) trivial it is to exploit.
load more comments
(1 replies)
It’s better than nothing and some people would really struggle to do other types of 2FA.
I'll be homest with you, some people really struggle with email 2fa. The amount of working Americans I have spoken with who don't understand how to have two tabs open at once is genuinely frightening.
load more comments
(1 replies)
load more comments
(13 replies)
IIRC the screenshot in the tweet is from a shitpost in reddits r/badUIbattles
Sike! That's the wrong number! /s
view more: next ›