Hi, clockwise_bit here.

I might have fucked up something, or something might be wrong elsewhere, I don’t know. What I know is that I just tried to log in multiple times and I wasn’t able to make it past the login page. The message says wrong password, but I’m fairly certain I didn’t change it because I use a password manager and the history is untouched. I doubt something happened to the db because syncthing (which I use to share the db with all my devices) didn’t log it’s update.

I cannot request a password reset from the form because, my bad, I didn’t put an email when registering. I was sure nothing like this would happen. Still, would it be possible to check if everything’s alright on your side? @nutomic@lemmy.ml @dessalines@lemmy.ml

Thanks in advance for your time. Shouldn’t it be possible to do anything, I’ll just use this account for the forseeable future.

  • help is on the wayOP
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    4 years ago

    Do you know of anything that could have changed in the past two months where I haven’t posted anything that could afflict the login? like, do I need to enter the ‘@’ before my username in the login form?

    • DessalinesMA
      link
      fedilink
      arrow-up
      2
      ·
      4 years ago

      Nope, nothing has changed there. I would try a different browser, and maybe manually typing in your password just to be sure.

      • help is on the wayOP
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        4 years ago

        well, thanks for the support anyway.
        I’ve made this my primary account now. And I’ve added an email address. I did not get any confirmation email, or something like that.
        Would it be too heavy on the mail plan you use if you sent an email to everyone setting an email account?
        That way, anyone would find out if the procedure was successful or not without having to try the reset password functionality.

        • DessalinesMA
          link
          fedilink
          arrow-up
          2
          ·
          4 years ago

          We don’t do confirmation emails, its only used for notifications and password resets. You could test it by turning on send notifs to email.

          • help is on the wayOP
            link
            fedilink
            arrow-up
            2
            ·
            4 years ago

            Right, gonna enable it now and see if I get an email with a reply, thanks for the explanation.

      • help is on the wayOP
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        4 years ago

        alright, no luck whatsoever and having to type in a 200 random characters password, without being able to check what I’ve typed is less than ideal. Might I suggest adding a snooping button, to temporarely deobfuscate the password in the input field?
        EDIT 128 characters, actually, I kinda slipped on that part.

        Could it have something to do with the move to diesel? I already had some unfortunate encounters with sites accepting the generated password, then rejecting it on the next login because of the chars used. For context, I used the following characters: *)_-;:" ’ ~ `?( { } [ ] @ #/ \ . ,

        • help is on the wayOP
          link
          fedilink
          arrow-up
          2
          ·
          4 years ago

          Ok, I tried making another account with the same password, then leaving and relogging. It works, so…something happened, but I don’t know what. If nor syncthing nor keepassxc noticed a corruption, I might have a serious coherence problem in my hands.

          • DessalinesMA
            link
            fedilink
            arrow-up
            2
            ·
            4 years ago

            How long was the password? We recently added a limit to the front end but its at I think 80 chars.

            • help is on the wayOP
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              4 years ago

              128 characters, I re-counted them to be sure. If the password is too long, does the lemmy-ui part notify the limit to the user or is the input just truncated backend-side?

              • DessalinesMA
                link
                fedilink
                arrow-up
                2
                ·
                4 years ago

                That was it then. We added limits on both the front and back end but it hasn’t been deployed yet.

                • help is on the wayOP
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  4 years ago

                  Huh, so I never entered the full password.
                  I just tried forcing the field visible, and the password is being truncated at 60 chars.
                  Damn dots, I didn’t notice. Also, keepass autotyper doesn’t know the password isn’t being inserted, so that explains why nothing made sense. I feel better knowing the pass db integrity is not compromised. Thanks for that, really!

                  I know I’m repetitive, but if it’s not a planned functionality and unless there is a reason I’m unaware of that explains why it’s counterproductive, giving the user the ability to temporarily show the password in the input field might help in these cases.