See? How much more work was it that you had to implement log
Tue Sep 17, 2019 11:40pm


I knew what I was blabbering about.

      • See? How much more work was it that you had to implement log- Puckdropper, Tue Sep 17 2019 11:40pm
        • Haha. Yep. Still doesn't work 100% right... - Erik, Tue Sep 24 2019 3:54am
          Stupid cookies... even with all the "Spring Magic" taking care of 99% of it, there's still some weirdnesses about.
          • I wonder what the Internet would look like - Puckdropper, Sat Sep 28 2019 6:11pm
            with a redesign a little more security conscious, a little more general purpose programming aware, and understanding things like state. Oh, and doing things like actually letting smart people handle security. Just tell the system it's a password and let it figure things out from there. Don't kn... more
            • That's exactly why I left it to 'Spring Magic' - Erik, Tue Oct 01 2019 3:35am
              Passwords are hashed using BCrypt library so no actual passwords are stored in the DB and all the log in / log out legwork is handled by the Spring library. If I was to implement my own, it would most likely have security holes galore and not work right. The weirdness now with the log in i... more
              • I rolled my own...well kinda - Puckdropper, Wed Oct 02 2019 2:45pm
                I didn't have any other option at the time. It's a clever and secureish way of doing things, but time has passed it by. Data goes to the server (a hole, I know) and gets hashed (using an old hash function), then stored in the database. I salted the hash, but I didn't know you should use different... more
                • it's probably fine (like you said.) So, if someone was to figure out the salt for your passwords, would they be able to decrypt all passwords in your database? Even with using an encryption library for the passwords, probably shouldn't be using any shared or important passwords here either. ... more
                  • They wouldn't bother. They'd just rainbow table that thing - Puckdropper, Fri Nov 08 2019 4:06pm
                    up and have it figured out in maybe an hour's worth of computing time. (Now, back 10 years ago it was a couple years worth.) I like to tell people there's three passwords that should be unique: Your bank, your Facebook, and your e-mail. Everything else, it's hard to do much irreversible damage. ... more
                    • I usually have three levels of passwords based on.. - Erik_, Sat Nov 09 2019 3:55am
                      how secure I need it to be. Ex: level 1 top security would be unique hard passwords for work and banks and such. Then level 2 for middle ground and then easier level 3 passwords for stupid throw away stuff. Even then though with having to reset passwords after x amount of time being more common,... more
                      • That's pretty close to how I handle things. - Puckdropper, Sun Nov 10 2019 3:13pm
                        I can't remember every password and my password manager isn't always accessible. And if it's on the phone, it's not convenient for the computer. Too bad user accounts are so effective at preventing spam.
    • I'm angry! I'm gonna delete my account! - Puckdropper, Tue Sep 17 2019 11:41pm
      A day later... Hey mods, can I have my account back?
      • Yep, pretty much! - Erik, Tue Sep 24 2019 3:51am
        Right now all deletes are soft deletes through the actual app so if anything is getting hard deleted, it needs to be done manually. Making things easily reversible is definitely a priority (Especially if there's a bug and someone finds out how to hard delete records from the DB... that would be terr... more
        • Wonder how long it'll take for us to fill that up? - Puckdropper, Sat Sep 28 2019 6:01pm
          Probably a few years knowing us.
          • per disc app and auto pruned any old records past that. Currently we're at 4270 threads and they go back as far as late 2006. We have about ~2000 records before hitting the cap so if we use an average of 610 threads/year (4270 threads /12 years)... we would have about 3.25 years before hittin... more
            • Hey, let's set up an identical forum - Puckdropper, Wed Oct 02 2019 2:48pm
              With an aqua background this time. It'll be awesome, everyone will want to go there (to use it as a flashlight, not actually post.)
              • By all means... feel free to create a new PP forum! - Erik_, Fri Oct 04 2019 6:10am
                I'm curious what the UX is for someone logged in other than me. :)
                • Oh, I've never logged in... - Puckdropper, Fri Oct 04 2019 2:43pm
                  Don't you use Private mode for such testing?
                  • Sometimes. It depends... - Erik, Thu Oct 10 2019 1:49pm
                    For a lot of things, it's just "I need to log in to get to this admin page to test" so it doesn't really matter if I'm isolated in a private window. Also, I do almost everything with my local dev instance which invalidates all authenticated sessions every time I rebuild and restart the app.
                    • Yeah, that's how it went with my blog - Puckdropper, Fri Oct 11 2019 1:42pm
                      I'm using session cookies so it logs me out automatically when I close the browser. (It's a nice way to do auto signout for things that are low reward security. Most timed auto signouts are too short.)
                      • This site uses session cookies as well. I almost never close the browser completely (just the tabs) because I like to keep some things accessible at all times. I don't think I've actually tried to close the browser and reopen and see if I'm still logged in... hmm... *throws it onto the 'to-do' p... more
                        • Terrified? That's what Halloween is supposed to be for! - Puckdropper, Sun Oct 20 2019 12:54pm
                          Of course all that scary stuff just looks silly, though. You know how if a machine's been running for months and you shut it down you might not get it to turn back on? Is it like that and your browser?
                          • That is sort of like me and my browser... - Erik_, Thu Oct 24 2019 1:22pm
                            I guess if I used favorites/bookmarks it wouldn't be a big deal. I never seem to remember that bookmarks exist though.
                            • Control+D FTW! - Puckdropper, Thu Oct 31 2019 3:02pm
                              There's the bookmarks bar in Pale Moon that can be really nice for the frequently accessed sites. NEMB is #2 on there.
                              • On the "new tab" screen in FF, NEMB is #7.. but it has some catching up to do because it's on a new host now. I might give Pale Moon a try. I used to use SeaMonkey back in the day when I used Debian instead of Ubuntu. I'm happy with FF but something new is always worth a glance. :) Edit: Al... more
                                • Was Ice Weasel FF or Seamonkey that was just rebranded? - Puckdropper, Fri Nov 08 2019 4:02pm
                                  I think they sorted that out, but I'm not sure. Hm... I'm not exactly happy with Mint (It's SO HARD to access a network drive. Good ol' Windows treats \\name\ as a first class citizen, while Linux is "ohph! Gotta mount it first."), and I'm getting tired of focus stealing. Just flash the icon or... more
                                  • with Firefox. Seamonkey is basically the same thing but according to Google based off Mozilla/Netscape instead of directly from FF...? Does Mint have Samba sharing? It's been ages since I've used it. I know in Ubuntu I can just go to the location bar in the file browser and use smb:// to get my... more
                                    • Well, lookie there: smb://server.local/CapitolizeThis works - Puckdropper, Wed Nov 20 2019 1:32pm
                                      How was I supposed to discover that? Seamonkey was like Netscape but actually developed. I used it for a long time. Pale Moon was better--a little more light weight and faster. Now I wonder how to connect to network drives in those stupid windows that don't have text box fields for paths. I... more
                                      • when I was trying to transfer things between computers at my parent's old house. If I didn't go digging into Samba crap then (might have even been Slackware.. oof) then, I wouldn't have known either. As for having them in windows that don't have a location bar... there's always the Linux way ... more
                                        • Relying on the shell? How Windows 95 of you! - Puckdropper, Thu Nov 28 2019 10:49pm
                                          Slackware, wow. I tried it. It was awful. I guess it's good if you want to build everything yourself, but you need a very fine magnetized needle to set the bits on the hard drive!
                                          • Slackware was the first Linux distro I used - Erik, Sun Dec 01 2019 4:13am
                                            back in the early 2000s. At the time for some reason I thought it was cool that everything was built from source and there was no package management really. I think I stuck around with it way longer than I should have. I still remember losing sleep over figuring out what conf file and dependency... more
                                            • Me too, it was just so hard to do anything. - Puckdropper, Mon Dec 02 2019 5:48pm
                                              I think I may not have even had gcc installed--having to build it from scratch. Or maybe it was g++??? I do remember trying to load Xwindows on a 386. I left, went away for 2 hours for dinner and finally, finally, got a X-shaped mouse cursor to appear.
                                              • Yeeeeeeeeeeeeeeeeeeeeesssssssssssssssssssss - Erik, Wed Dec 11 2019 2:20am
                                                I remember doing almost the same thing but on a random old Sparc station I had floating around. Took forever to get X windows installed... got it working then messed with something and broke it and never got it to come back up again. I think it was g++ you had to build of gcc for slackware but my... more
                                                • That kind of junk kept me on Windows for years. - Puckdropper, Wed Dec 11 2019 12:20pm
                                                  It's cool to forge your own hammer head, but doing it bare handed with no other hammers at all in which to beat your steel? Then even things like Debian on iBook: The clock is off, would you like to screw up your OS?
    "Don't quote me." - Erik
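
Added example, not part of the original thread or of either poster's code: the password sub-thread above contrasts a single site-wide salt with a fast hash against per-user salts with a slow password hash, and this sketch shows the difference from the database side. It uses PBKDF2 from the Python standard library as a stand-in for the BCrypt library mentioned in the thread and SHA-256 as a stand-in for the unnamed "old hash function"; the user names, passwords and salt value are constructed.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts; two users share a password on purpose.
USERS = {"alice": "hunter2", "bob": "hunter2", "carol": "correct horse"}

SITE_SALT = b"one-salt-for-everyone"  # constructed value: the shared-salt design


def legacy_hash(password: str) -> str:
    """Shared-salt design: fast hash (SHA-256 stand-in), one site-wide salt."""
    return hashlib.sha256(SITE_SALT + password.encode()).hexdigest()


def new_record(password: str, iterations: int = 100_000) -> dict:
    """Per-user random salt plus a deliberately slow KDF (PBKDF2 stand-in)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def repeated_digests(digests) -> int:
    """Count stored rows whose digest also appears on another row."""
    return sum(n for n in Counter(digests).values() if n > 1)


def audit() -> dict:
    legacy = [legacy_hash(p) for p in USERS.values()]
    modern = {u: new_record(p) for u, p in USERS.items()}
    return {
        # Same password + same salt => identical rows, visible to anyone with the table.
        "legacy_repeats": repeated_digests(legacy),
        # Unique salts make every row different, so work on one row helps with no other.
        "modern_repeats": repeated_digests(r["digest"] for r in modern.values()),
        "alice_ok": verify("hunter2", modern["alice"]),
        "alice_wrong": verify("hunter3", modern["alice"]),
    }


if __name__ == "__main__":
    print(audit())
```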