this post was submitted on 11 Aug 2024
830 points (98.4% liked)
memes
9616 readers
2910 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This usually means that your old password expired and the system didnt notify you. Basically, your account is inactive until you set a new password.
Any system I've ever used that expires passwords, forces you to set a new one upon logging in with the expired one.
It doesn't just lock you out and expect you to figure out on your own that you've gotta reset it via the 'forgot your password' link.
Those systems are well designed (save for the part that they're using password expiry)
There are a lot more shitty programmers out there than good ones
Oh, Microsoft Active Directory does this, when you log in via a method that doesn't allow changing the passwords (e.g. VPN login over RADIUS).
That, or the system has a transparent lockout, where if you type your password wrong for e.g. 3 times it'll stop accepting new tries for a specific duration to stop people trying to guess the password. I've run into this type of brute forcing prevention multiple times, though IMO the correct approach would be 2FA coupled with proper passwords instead.