1. 27

  2. 6

    A little disappointed the “copy to clipboard” button doesn’t copy “NO STOP IT” instead of the password.

    1. 3

      I wish they would stop with marketing mumbo-jumbo and explain what’s going on? I refreshed and it stayed the same, leading me to believe that they fingerprint the browser. But, I have no idea if this is the case?

      Anyone have more context about this?

      Recommendation: DO NOT USE.

      1. 14

        I fear you missed the all import satire tag …

        1. 4

          To be fair, the satire on the actual page is a little thin. The bit about “ambiguous characters” tipped me off, but most of the rest reads like real VC-backed startup copy.

          1. 4

            VC-backed startup copy advertising one particular password as the most secure password which everyone should use sounds a lot like satire to me.

            1. 2

              “Ambiguous characters,” while fishy, I assumed a linked paper/research would define.

              This obviously got me, but I’ll also admit that I’ve seen tons of real research pages that are similar. Throw a little modern CSS/design on something, and its easy to make it seem legit. Plus, everyone has a take on solving the password problem making this even more believable.

            2. 3

              You are right. I did.

              1. 1

                It might need to be appear in red. Either a patch for lobste.rs or a greasemonkey script? :)

              2. 3

                I believe it’s in the vein of https://xkcd.com/221/, though less obviously satirical.

                (To be clear, the relative subtlety of the satire makes it a bad joke. It’s a safe bet that password will start ending up in dumps within a few months.)

                To experiment: the first ten characters of the SHA256 of the password I get (excluding trailing newline, that is, as copied by the “copy” button) are 5121508d3e. I’m assuming it’s the same for everyone, because it would be a lot of work for a stupid joke for it to be otherwise, but now we can find out!

                1. 2


                  It’s not like I’m going to use the thing.

                  1. 1

                    Amusingly, mine is the same.

                    1. 1

                      I got something different. No, I didn’t, that is the whole joke :)

              3. 3

                In the old days there used to be a a username/password combo you could use to log in to basically any site. A globally ‘shared’ account for those in the know. I’ve forgotten the credentials by now, but I recall the password would not work anywhere with significant password requirements. If that account still exists, this password could be suitable for places with significant password requirements. Globally documented, but only useful to those in the know.

                1. 5

                  If it’s the same low-tech predecessor to http://bugmenot.com/ I’m thinking of, it was cypherpunk / cypherpunk

                  1. 3

                    cpunks / cpunks was the one I recall.

                    1. 1

                      That wasn’t the one I was thinking of, but it appears there was more than one :). Obvious in hindsight: ideas are usually not unique, but prompted by the times.

                    2. 3

                      media/media was the way to bypass the Wall Street Journal’s paywall from its creation until earlier this year.

                      1. 2

                        Thanks! I wanted to mention that, but couldn’t remember which newspaper that was, and it’s an impossible phrase to Google…

                      2. 2

                        People still do this. And thankfully as a pentester, this helps keep food on my table. Seriously don’t do this unless absolutely 100% necessary. Also

                        but only useful to those in the know

                        Is rarely true, so many times I get access to undocumented features that have less rigorous testing because “developers only” and it leads to unexpected things.

                      3. 2

                        who would’ve thought that this would spark quite a lot of debate :)