• @[email protected]
    link
    fedilink
    21
    edit-2
    4 months ago

    This usually means that your old password expired and the system didnt notify you. Basically, your account is inactive until you set a new password.

    • @[email protected]
      link
      fedilink
      English
      144 months ago

      Any system I’ve ever used that expires passwords, forces you to set a new one upon logging in with the expired one.

      It doesn’t just lock you out and expect you to figure out on your own that you’ve gotta reset it via the ‘forgot your password’ link.

      • @[email protected]
        link
        fedilink
        84 months ago

        Those systems are well designed (save for the part that they’re using password expiry)

        There are a lot more shitty programmers out there than good ones

      • @[email protected]
        link
        fedilink
        64 months ago

        Oh, Microsoft Active Directory does this, when you log in via a method that doesn’t allow changing the passwords (e.g. VPN login over RADIUS).

    • @[email protected]
      link
      fedilink
      34 months ago

      That, or the system has a transparent lockout, where if you type your password wrong for e.g. 3 times it’ll stop accepting new tries for a specific duration to stop people trying to guess the password. I’ve run into this type of brute forcing prevention multiple times, though IMO the correct approach would be 2FA coupled with proper passwords instead.