this post was submitted on 21 Jan 2025
465 points (98.1% liked)
memes
11383 readers
2383 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to [email protected]
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- [email protected] : Star Trek memes, chat and shitposts
- [email protected] : Lemmy Shitposts, anything and everything goes.
- [email protected] : Linux themed memes
- [email protected] : for those who love comic stories.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It's frustrating but it does give information to attackers. If an attacker just sees the login attempt was rejected, then they have no idea if it was because the password changed, the user entered it wrong in the phishing form, the user realized it was a phishing attempt and gave garbage to fuck with them, the password expired, or if the service provider is on to them.
If an attacker sees "your password has been reset and you must set a new one" then they have some information that could be used to social engineer their way into the account. Especially if it's a work account where the email is behind the same password.