1. 19
  1.  

  2. 10

    Don’t forget the keyboard

    I feel like keyboard users are a dying breed at this point, but for those of us that, when presented with a login dialog, like to rapidly type

    name@example.com, tab, p4$$w0rd, enter

    … please verify that this works as it should. Tab order, enter to submit, etcetera.

    This

    1. 3

      Password manager.

      1. 2

        My password manager (pass) is not intergrated into my browser, so I still have to copy paste from the command line to the form.

        1. 3

          There’s a fairly good extension if you use firefox:

          https://addons.mozilla.org/fr/firefox/addon/passff/

          1. 2

            Yes! I’ve tried it before and you’re right. Unfortunately I also use vimperator (Ever since pentadactyl was more or less abandonned) with no gui, so many plugins that expect gui interaction do not work.

            1. 1

              I’d try to get something working, since integrated password managers are fantastic at foiling phishing attacks.

    2. 2

      The implementation also leaves a lot to be desired, as it’s left up to the whims of the site owner to decide what password strength means. One site’s “good” is another site’s “get outta here with that Fisher-Price toy password”. It’s frustrating.

      So, with Discourse, rather than all that, I decided we’d default on a solid absolute minimum password length of 8 characters, and then verify the password to make sure it is not one of the 10,000 most common known passwords by checking its hash.

      How is that not equally the whim of the site owner?

      1. 2

        Fewer arbitrary constraints. There’s a very good reason for both constraints listed here (min 8 chars and blacklist of common passwords).