Hacker: "Heh, you fool. I'm in."
this post was submitted on 10 Jul 2025
384 points (99.2% liked)
196
18049 readers
1088 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
Other rules
Behavior rules:
- No bigotry (transphobia, racism, etc…)
- No genocide denial
- No support for authoritarian behaviour (incl. Tankies)
- No namecalling
- Accounts from lemmygrad.ml, threads.net, or hexbear.net are held to higher standards
- Other things seen as cleary bad
Posting rules:
- No AI generated content (DALL-E etc…)
- No advertisements
- No gore / violence
- Mutual aid posts are not allowed
NSFW: NSFW content is permitted but it must be tagged and have content warnings. Anything that doesn't adhere to this will be removed. Content warnings should be added like: [penis], [explicit description of sex]. Non-sexualized breasts of any gender are not considered inappropriate and therefore do not need to be blurred/tagged.
If you have any questions, feel free to contact us on our matrix channel or email.
Other 196's:
founded 2 years ago
MODERATORS
Put this one on my résumé
It's not good to repeat so many characters in a password. 069420 is much safer.
Unless someone was manually inputting these to try them out, wouldn't it be all the same if it was repeating or not?
They are making a joke. These dongles usually have 6 random digits, but also a secret, e.g. prefix u need to put before the numbers to login. Otherwise a 6 digit number would never be save ish.
I know I was just thinking out loud that for automated random brute force
I once got 111111 on mine
I’m getting nervous just looking at that loose key ring
You shouldn't have posted that, I just hacked into your mainframe.
I used to have that same token. Thanks for reminding me about my old job.
Same but my current job....
Granted. They switched us all to the app instead of the hard token. Which is stupid. And they only allow the hard token for certain scenarios
Saaaaame. We had one that we had to share
Same, but fuck that government contractor clusterfuck.
This is a code in the German phone network for Frankfort the main financial place in Germany.
What year is it?
Not so long ago I saw one of the employees of the treasury department with a shitload of those keychains.
Sound about right for a government. No apps, just physical fobs.
Well, they have a security advantage. I know Google moved over to requiring a USB MFA key for their employees a few years ago, and saw a reduction in successful phishing attacks.
I would imagine one of these fobs is cheaper than a USB key. It also can work without being plugged into a computer, which is good.
Authenticator apps are nice and all, but are not going to provide as much security as one of these. Apps live on people's phones, and especially if it's a personal phone, you may not want to trust its security. If it's stolen or hacked, your multi-factor authentication just got less secure.
If you don't want personal devices in a building as well, these are useful.
Lots of reasons these are still totally good today!
It's an insurance company.
Used to play a drinking game with coworkers and those tokens. We would pick high or low and whoever had said number on the roll over had to buy everyone a round of drinks.
That sounds great!
You can still do it with any TOTP app on your phone too!
That's a good point - which of my 14 registrations should I pick, I wonder? 🤮
There was just something much nicer about the tangible decide that an all app can't come close to
There's an org in ireland called the RSA (road safety authority) and their logo is really similar to RSAs