Hi, clockwise_bit here.
I might have fucked up something, or something might be wrong elsewhere, I don’t know. What I know is that I just tried to log in multiple times and I wasn’t able to make it past the login page. The message says wrong password, but I’m fairly certain I didn’t change it because I use a password manager and the history is untouched. I doubt something happened to the db because syncthing (which I use to share the db with all my devices) didn’t log it’s update.
I cannot request a password reset from the form because, my bad, I didn’t put an email when registering. I was sure nothing like this would happen. Still, would it be possible to check if everything’s alright on your side? @nutomic@lemmy.ml @dessalines@lemmy.ml
Thanks in advance for your time. Shouldn’t it be possible to do anything, I’ll just use this account for the forseeable future.
Do you know of anything that could have changed in the past two months where I haven’t posted anything that could afflict the login? like, do I need to enter the ‘@’ before my username in the login form?
Nope, nothing has changed there. I would try a different browser, and maybe manually typing in your password just to be sure.
well, thanks for the support anyway.
I’ve made this my primary account now. And I’ve added an email address. I did not get any confirmation email, or something like that.
Would it be too heavy on the mail plan you use if you sent an email to everyone setting an email account?
That way, anyone would find out if the procedure was successful or not without having to try the reset password functionality.
We don’t do confirmation emails, its only used for notifications and password resets. You could test it by turning on send notifs to email.
Right, gonna enable it now and see if I get an email with a reply, thanks for the explanation.
oh god, that’s going to be hell. Trying right now, from fennec f-droid
alright, no luck whatsoever and having to type in a 200 random characters password, without being able to check what I’ve typed is less than ideal. Might I suggest adding a snooping button, to temporarely deobfuscate the password in the input field?
EDIT 128 characters, actually, I kinda slipped on that part.
Could it have something to do with the move to diesel? I already had some unfortunate encounters with sites accepting the generated password, then rejecting it on the next login because of the chars used. For context, I used the following characters: *)_-;:" ’ ~ `?( { } [ ] @ #/ \ . ,
Ok, I tried making another account with the same password, then leaving and relogging. It works, so…something happened, but I don’t know what. If nor syncthing nor keepassxc noticed a corruption, I might have a serious coherence problem in my hands.
How long was the password? We recently added a limit to the front end but its at I think 80 chars.
128 characters, I re-counted them to be sure. If the password is too long, does the lemmy-ui part notify the limit to the user or is the input just truncated backend-side?
That was it then. We added limits on both the front and back end but it hasn’t been deployed yet.
Huh, so I never entered the full password.
I just tried forcing the field visible, and the password is being truncated at 60 chars.
Damn dots, I didn’t notice. Also, keepass autotyper doesn’t know the password isn’t being inserted, so that explains why nothing made sense. I feel better knowing the pass db integrity is not compromised. Thanks for that, really!
I know I’m repetitive, but if it’s not a planned functionality and unless there is a reason I’m unaware of that explains why it’s counterproductive, giving the user the ability to temporarily show the password in the input field might help in these cases.