Club PA 2.0 has arrived! If you'd like to access some extra PA content and help support the forums, check it out at patreon.com/ClubPA
The image size limit has been raised to 1mb! Anything larger than that should be linked to. This is a HARD limit, please do not abuse it.
Our new Indie Games subforum is now open for business in G&T. Go and check it out, you might land a code for a free game. If you're developing an indie game and want to post about it, follow these directions. If you don't, he'll break your legs! Hahaha! Seriously though.
Our rules have been updated and given their own forum. Go and look at them! They are nice, and there may be new ones that you didn't know about! Hooray for rules! Hooray for The System! Hooray for Conforming!

[Programming] Mirror, mirror, on the wall, show the git diff for them all

19495969798100»

Posts

  • iTunesIsEviliTunesIsEvil Registered User regular
    So I just learned the most funnest thing...

    Got an email from BitBucket/Atlassian that they'd forced a password reset on my account because of some suspicious activity, etc etc. So I reset it and I've been enabling 2FA wherever I can this morning. While doing so I found out that my bank doesn't support it (I'm not surprised, banks usually suck at online things), so I asked on Twitter whether other/most banks have it. Someone responded that most don't, and "Chase still wraps passwords in toLower()."

    I thought "no fucking way." So I tried it with my Chase CC account, and lo and behold: apparently passwords on Chase's websites are case-insensitive. Which just seems radically fucking stupid. I mean, I guess you can say "oh that's not mathematically concerning" but uhhh, that pretty much goes against everything I've ever heard about decent password management/storage.

    Why would Chase's developers (or the monkeys they contracted out to) even do that?! THIS MAKES NO SENSE! :rotate:

  • bowenbowen How you doin'? Registered User regular
    So I just learned the most funnest thing...

    Got an email from BitBucket/Atlassian that they'd forced a password reset on my account because of some suspicious activity, etc etc. So I reset it and I've been enabling 2FA wherever I can this morning. While doing so I found out that my bank doesn't support it (I'm not surprised, banks usually suck at online things), so I asked on Twitter whether other/most banks have it. Someone responded that most don't, and "Chase still wraps passwords in toLower()."

    I thought "no fucking way." So I tried it with my Chase CC account, and lo and behold: apparently passwords on Chase's websites are case-insensitive. Which just seems radically fucking stupid. I mean, I guess you can say "oh that's not mathematically concerning" but uhhh, that pretty much goes against everything I've ever heard about decent password management/storage.

    Why would Chase's developers (or the monkeys they contracted out to) even do that?! THIS MAKES NO SENSE! :rotate:

    CEO probably didn't like it when he forgot caps lock was on, when he fired off the email yelling at people, and he couldn't log into his bank account.

    Tolower doesn't exclude bad password hashing or anything. Just that you're reducing entropy of possible matches.

    Ladies.
  • DynagripDynagrip destroy everything you touch Registered User, ClubPA regular
    have any of y'all done pair programming? This edX software engineering class (CS169) that I'm taking basically requires it. I haven't tried it out yet. By nature I'd probably prefer not to do it but I'm hopeful that it won't be too bad.

    Also, Cloud9 is a pretty sweet online IDE. It supports a bunch of languages and is also well suited to pair programming.

    ok98TNK.png
  • bowenbowen How you doin'? Registered User regular
    If you've got someone you like working with, it's amazing.

    If it's a random fuckaroo in a class, it might not be so great (they may not be skillfull enough, or you might not, etc)

    Ladies.
    Grape Apeecco the dolphinEvigilant
  • EchoEcho Moderator mod
    Yeah, if there's a big skill disparity, it's a bad time.

    If both are of roughly equal skill/experience level (and knowledge of the code base), it's good.

    Echo wrote: »
    Let they who have not posted about their balls in the wrong thread cast the first stone.
    bowenGrape ApemightyjongyoNaphtali
  • LuvTheMonkeyLuvTheMonkey High Sierra Serenade Registered User regular
    Blizzard made Battle.net passwords case insensitive some years back too.

    Molten variables hiss and roar. On my mind-forge, I hammer them into the greatsword Epistemology. Many are my foes this night.
    STEAM | GW2: Thalys
    Tofystedeth
  • djmitchelladjmitchella Registered User regular
    Why would Chase's developers (or the monkeys they contracted out to) even do that?! THIS MAKES NO SENSE! :rotate:

    For a long time (though not any more, thankfully), TD Bank had an 8-character limit on passwords for online banking..

  • EchoEcho Moderator mod
    My bank used to have a 6-char limit.

    No more. No less. Six characters. :rotate:

    Echo wrote: »
    Let they who have not posted about their balls in the wrong thread cast the first stone.
    DisruptedCapitalistdjmitchellaInfidel
  • bowenbowen How you doin'? Registered User regular
    Echo wrote: »
    My bank used to have a 6-char limit.

    No more. No less. Six characters. :rotate:

    jesus, that's worse than letting someone have up to a 4 character password

    Ladies.
    Echo
  • EchoEcho Moderator mod
    Wheeee digging through someone else's mess of a jQuery Datepicker thingamabob.

    Datepicker A sets an end date, datepickers B and onward can't have a date after the end date.

    Got it working fine if you set datepicker A to something before setting the others, and changing A will flag the others if the new end date is before their current date.

    Only problem left is making it flag datepickers if the end date is blank when you start but give it a date after you've set other dates. Leaving that mess for tomorrow.

    Echo wrote: »
    Let they who have not posted about their balls in the wrong thread cast the first stone.
  • NogsNogs Crap, crap, mega crap. Registered User regular
    Datepickers and autocomplete are like the two common ui things that are waaaaay harder than you think theyd be at first glance. At least thats been my experience.

    rotate.jpg
    PARKER, YOU'RE FIRED! <-- My comic book podcast! Satan look here!
  • GhotiGhoti Registered User regular
    Say, any of you familiar with MOVEit Central? Specifically the custom vbs scripts which can be integrated into tasks? I wrote a vbs script which works on its own, but I am having trouble integrating it into the application.

  • EchoEcho Moderator mod
    Man, so nice to write BDD-style tests in Mocha/Chai after using NUnit in .NET.

    Echo wrote: »
    Let they who have not posted about their balls in the wrong thread cast the first stone.
  • DehumanizedDehumanized Registered User regular
    Been pair programming for 6 months now. It has been incredible but definitely requires a lot of mutual respect and healthy communication. It can be harder with mixed skill levels but most of the pairs my team associates into are junior developers with senior developers, and it generally works fine.

    crimsoncoyote
This discussion has been closed.