Title text: My password is just every Unicode codepoint concatenated into a single UTF-8 string.
Transcript
[Cueball carries an open laptop over to Ponytail, holding it in both hands. The screen shows a box filling the screen with some text on lines. Ponytail is sitting in an office chair with her laptop at her desk. She has turned her head away from the computer looking at Cueball’s screen.]
Cueball: Can you help me with my account?
Ponytail: Oh no.
[Cueball holds his laptop up in front of Ponytail who has turned the chair so she faces him, with her hands in her lap. Her table is not drawn.]
Cueball: No no, I promise it’s a normal problem this time.
Ponytail: Okay. Fine. What is it?
[Cueball holds both hands out palm up towards Ponytail who is sitting with his laptop in her lap typing on it.]
Cueball: I included a null string terminator as part of my password, and now I can’t-
Ponytail: How?!
Cueball: They said to use special characters!
CorrectHorseBatteryStaple’)DROP TABLE users;–
Is that you, bobby?
Little Bobby Tables!
And that’s why we sanitize our inputs
deleted by creator
Ooo the transcript in a little menu is a nice touch. Lemmy startin’ ta get slick.
Like this? This wouldn’t take spaces or periods
“This wouldn’t take spaces or periods” … and doesn’t know itself
= Potential security flaw discovered
Heh. I remember at one place, my password wasn’t liked very much by the account creation script the sysadmin wrote. The password started with a dollar sign and I think that was being inadvertently parsed as a
somewhere.
Thinking about it, I have to wonder what would have happened if the password started and ended with backticks. Bobby Tables moment?
(The thought also occurs now that he might have been siphoning off the passwords something, but even though some of my generation (and moreso previous generations) are known for using the same password for everything, this was in the days before the Web really took off, so most people would have only had one place where they used a password: that system.
The system wasn’t encrypted, and being the sysadmin, he had access to everything and to change passwords anyway, so keeping plaintext passwords would have been a pointless endeavour.)
Password:
$(sudo rm -rf /*)