How on earth can you both not accept the password I copied from my password safe and tell me that I cannot use the same pasaword again?

  • @Willem
    link
    251 month ago

    If there has been a data leak, they might block your current password because the hash has been leaked

    • @cron@feddit.orgOP
      link
      fedilink
      171 month ago

      Yes, that might be a plausible theory. Basically a bad yersion of you must change your password.

        • @cron@feddit.orgOP
          link
          fedilink
          261 month ago

          It would be better if the login flow said something like

          For security reasons, we ask you to set a new password, please use the “password forgotten” function to gain access again.

          instead of me being puzzled why my password doesn’t work.

          • @kewjo@lemmy.world
            link
            fedilink
            61 month ago

            except now anyone guessing your password knows when they guess your password right? while that site is safe most users use the same password and any site they use with the same email is now vulnerable.

    • @MajorHavoc@programming.dev
      link
      fedilink
      21 month ago

      If there has been a data leak, they might block your current password because the hash has been leaked

      I’m sure that makes them feel much better, lol.

      • @Willem
        link
        21 month ago

        The leak doesn’t even need to happen on their site, they could check the password hash against known leaked hashes (from have I been pwned for example) and block it