this post was submitted on 10 Oct 2025

1274 points (99.5% liked)

Programmer Humor

26913 readers

1511 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 2 years ago

MODERATORS

Feyter@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

pylapp@programming.dev

1274

Vibecoding is the future (lemmy.ml)

submitted 1 week ago by cm0002@sh.itjust.works to c/programmer_humor@programming.dev

81 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] scrubbles@poptalk.scrubbles.tech 215 points 1 week ago* (last edited 1 week ago) (2 children)

You're absolutely right! It doesn't make sense to show the user the 2fa code! removes 2fa completely

[–] Uli@sopuli.xyz 150 points 1 week ago (3 children)

Oh, I get it! You still want 2fa, you just don't want the code to be shown! colors the text white

[–] ThePancakeExperiment@feddit.org 37 points 1 week ago (2 children)

No, no, make it ultra secure and display none it, every website will be a database of important information, you just have to put everything into a hidden table!!

[–] PattyMcB@lemmy.world 20 points 1 week ago

Font size 0

load more comments (1 replies)

[–] Redjard@lemmy.dbzer0.com 18 points 1 week ago

Oh you want the code not rendered into html!
Drops the code in javascript when it is received from the backend.

load more comments (1 replies)

[–] pure_bliss@discuss.tchncs.de 12 points 1 week ago* (last edited 1 week ago)

[–] aberrate_junior_beatnik@midwest.social 111 points 1 week ago (2 children)

It took me way too long to figure out what was wrong with this screenshot

[–] Ilovethebomb@sh.itjust.works 56 points 1 week ago (1 children)

Yeah, same here. I was counting the boxes thinking they'd got the wrong amount of numbers.

[–] shalafi@lemmy.world 13 points 1 week ago

I counted the boxes 3 times. :(

[–] Darkmuch@lemmy.world 9 points 1 week ago (2 children)

I need help. I don’t get it…

[–] teegus@sh.itjust.works 27 points 1 week ago

The "secret" code sent to your phone is spelled out in the text

[–] moriquende@lemmy.world 5 points 1 week ago

No point sending the code to your phone when it's displayed right there. The idea of doing this is making sure nobody has stolen your password, because they still need access to your phone before they can access your account.

[–] 8000gnat@reddthat.com 79 points 1 week ago

no factor authentication

[–] undefined@lemmy.hogru.ch 78 points 1 week ago (17 children)

SMS/email-based 2FA should die.

[–] ColdSideOfYourPillow@anarchist.nexus 55 points 1 week ago (1 children)

Luckily, you don't even need to check SMS or input a valid number with the “verification” in the screenshot!

[–] bamboo@lemmy.blahaj.zone 31 points 1 week ago

mission failed successfully

[–] nogooduser@lemmy.world 13 points 1 week ago (2 children)

It’s better than nothing and some people would really struggle to do other types of 2FA.

[–] djsoren19@lemmy.blahaj.zone 8 points 1 week ago

I'll be homest with you, some people really struggle with email 2fa. The amount of working Americans I have spoken with who don't understand how to have two tabs open at once is genuinely frightening.

[–] Natanael@infosec.pub 6 points 1 week ago

As a reset method it's worse than having nothing

[–] null@lemmy.nullspace.lol 5 points 1 week ago (1 children)

It's wild how standard SMS is given how (relatively) trivial it is to exploit.

load more comments (1 replies)

load more comments (14 replies)

[–] aarRJaay@lemmy.world 53 points 1 week ago (1 children)

That's up there with: "You cannot use this password, it's already in use by ... "

[–] SethTaylor@lemmy.world 11 points 1 week ago

But that's so practical. Maybe I can contact them and ask them if we can swap. Haha

[–] Sam_Bass@lemmy.world 43 points 1 week ago (2 children)

They were called scriptkiddies back in the day

[–] _stranger_@lemmy.world 19 points 1 week ago (2 children)

Has the general discourse settled on a proper epithet for this new version?

"vibe coders" doesn't feel derogatory enough.

[–] glitchdx@lemmy.world 7 points 1 week ago (4 children)

"vibe coding" was supposed to be derogatory?

load more comments (4 replies)

[–] 2deck@lemmy.world 6 points 1 week ago

Agreed, they're getting off light. I've worked with people who felt the code, but werent always able to communicate their ideas. I'd say theyd fit the idea of vibe coding without ai.

The concept is taken, and doesn't describe the intent well. How about "pseudocoders".

[–] REDACTED@infosec.pub 10 points 1 week ago

At least they had real intelligence, doing stuff like this is basically so stupid you'd be clinically braindead

[–] elvith@feddit.org 32 points 1 week ago

IIRC the screenshot in the tweet is from a shitpost in reddits r/badUIbattles

[–] pineapplelover@lemmy.dbzer0.com 27 points 1 week ago (3 children)

I will be honest, it took me a good while to figure out what's wrong

load more comments (3 replies)

[–] Treczoks@lemmy.world 26 points 1 week ago (2 children)

This could be vibe coding, or just an intern "doing the web site".

Neither should have write access to production code.

[–] psud@aussie.zone 2 points 6 days ago

I feel like I saw this or the same thing on a different screenshot before AI, I'm not sure whether it's deliberately crafted bad security thing or legit bad from the wild

I don't think it's the result of vibe coding

[–] cupcakezealot@piefed.blahaj.zone 6 points 1 week ago (4 children)

i mean either one of those fucked up but it's also on the qa/testing team and the deployment team that they let it GET to production.

load more comments (4 replies)

[–] Evil_Shrubbery@thelemmy.club 23 points 1 week ago (1 children)

Feels like testing feature, hopefully the screenshot isn't from production.

[–] AmbiguousProps@lemmy.today 34 points 1 week ago (3 children)

We test in production, silly.

[–] Evil_Shrubbery@thelemmy.club 14 points 1 week ago (2 children)

load more comments (2 replies)

[–] VonReposti@feddit.dk 11 points 1 week ago

Everyone has a test environment. Some are just lucky enough to have a separate production environment.

load more comments (1 replies)

[–] cows_are_underrated@feddit.org 21 points 1 week ago (3 children)

Assuming this is real, how the fuck do you fuck up so badly?

[–] mcv@lemmy.zip 17 points 1 week ago* (last edited 1 week ago) (1 children)

What!? It's more user friendly this way. No need to make the user switch to a totally different device when you can tell them right here!

(I hate pointing out sarcasm, but it's better not to risk it these days.)

load more comments (1 replies)

[–] rumba@lemmy.zip 6 points 1 week ago

When I first added 2fa to page, I had a bug and made it do that to compare the values.

production or test, it's likely debug code.

load more comments (1 replies)

[–] cupcakezealot@piefed.blahaj.zone 20 points 1 week ago

i'm ashamed to say that took me a while to figure out what was wrong mostly because i didn't think someone would be that dumb.

[–] prettybunnys@sh.itjust.works 15 points 1 week ago

This could also be a funny translation issue.

My bank sends a text message to me with the first code and a second code I enter.

They tell me the first code in a similar way so I can verify they sent it to me, then I enter the other code in the text.

[–] idunnololz@lemmy.world 15 points 1 week ago (1 children)

Sike! That's the wrong number! /s

[–] Psythik@lemmy.world 22 points 1 week ago* (last edited 1 week ago) (2 children)

It's spelled "psych", as in you're psyching them out.

[–] idunnololz@lemmy.world 7 points 1 week ago* (last edited 1 week ago)

It's ok I'm oot of academia.

load more comments (1 replies)

[–] exu@feditown.com 13 points 1 week ago

Just delay accepting the numbers for 10 seconds to simulate the time needed to check SMS and type them.

load more comments