
Twitter for Mac is incapable of accepting certain letters in the password field - guessmyname
https://twitter.com/MikeBeas/status/1189416778104999937
======
nikrdc
It appears this is not a bug in the Twitter app but macOS 10.15.1.

[https://twitter.com/nolanobrien/status/1189623346033381376?s...](https://twitter.com/nolanobrien/status/1189623346033381376?s=21)

~~~
hayksaakian
yikes, the mac OS Catalina seems like a complete trainwreck with more bugs
surfacing every week

~~~
gingericha
Is there a way to step back a release for those who have upgraded to Catalina
and subsequently want to go back to Mojave?

~~~
pubutil
AFAIK there’s no clean downgrade procedure. You have to create a bootable
Mojave image, back up, wipe your hard drive, and clean install Mojave

~~~
MikeBeas
I managed to do it during the beta. Since Catalina installs the OS on a
separate partition inside an APFS container, I wiped the OS partition, then
booted into one of the recovery modes (there are 3, I think) to reinstall
Mojave on the partition containing my data. No data had to be wiped, and most
kept working. Music library won’t work with iTunes but I got around that with
Apple Music iCloud Library. A few other things won’t work, like Mojave
Reminders won’t sync with iOS 13, but otherwise it wasn’t so bad. Think I had
to reinstall Homebrew and Node and that was about it. After that I just
removed the now-blank partition that formerly housed Catalina and renamed my
data partition back to its regular name.

Unfortunately I do not recall which recovery mode I booted into. I tried a
few, each offering a different OS to install. One would reinstall the current
OS, one would reinstall the version that shipped on the Mac, and one would
reinstall the current public build, I think. Wish I had a better recollection
of which it was, but since Mojave is no longer the latest public build it may
be moot. If you have the Mojave installer downloaded you might be able to just
install it right on the data partition and wipe the Catalina OS partition
afterwards.

Whatever you do, have a full backup before you even think about starting just
in case, of course.

~~~
prashnts
Link to the support page for key combos: [https://support.apple.com/en-
gb/HT204904](https://support.apple.com/en-gb/HT204904)

------
TicklishTiger
I am a fan of Twitter. It is a much better social network then Facebook and
Instagram. But when it comes to development quality, Twitter reminds me of
Ebay. The technology just does not seem solid. Every other month, something
goes wrong.

I wonder if there is a systematic difference between companies with solid
development and companies with wonky development. Is there a different hiring
philosophy in place? A different type of tech stack? A different management
structure?

Just a week ago, Twitter lost over 20% market cap because they noticed that
they were showing people device-personalized ads even though they were opted
out of that. After they fixed it, revenues went down.

In other words, a stunning 10 billion dollar of Twitters market cap was based
on the illusion that the tech was working as expected. While in reality it was
wrecking havoc.

Is it really possible that a feature that makes up a quarter of the companies
value is not being tested?

~~~
jedberg
I've thought a lot about this, having worked at some of these companies with
both good and bad quality. The best conclusion I can come to is whether or not
the executives use the technology on a regular basis.

At eBay, the execs didn't use the platform much. In fact, when I worked there,
they had to give us a $10 credit just to get us to use it (and then stopped
when the users said it wasn't fair that employees were bidding with someone
else's money).

At Facebook/IG, the execs use the platform often. At Netflix the execs use it
pretty much every day. At Twitter, you don't see a lot of executive use.

You can even see it at Apple. The quality on MacOs has been falling, quite
possibly because all the execs are using iPads and iPhones as their daily
drivers, and rarely using laptops.

I think in the end it boils down to visibility to people who can affect
change. Either your execs need to use the product often, or the engineers need
to be empowered to make changes without exec approval (or both, like at
Netflix or Facebook/IG).

~~~
iamaelephant
Are you implying that Netflix software quality is good? As someone who uses
the web interface in a variety of browsers, I disagree in the strongest terms
possible.

~~~
jedberg
I think you may have inadvertently proved my point. The web interface is one
of the least used interfaces. It probably doesn’t get used by many execs or
engineers in the company.

~~~
umanwizard
I’m taken aback by all the people saying they never use the web interface -
what in the world do people use, then? Is it really true that people
overwhelmingly use Netflix on tiny phone screens?

Edit: I am stupid and forgot that smart TVs exist (despite owning one)

~~~
jedberg
The TV mostly. Many TVs have built in Netflix apps, and also lots of thinks
that you connect to a TV like AppleTV, Roku, Firestick, Blu-Ray players, etc.

Also iPads and other tablets.

~~~
umanwizard
Ah, right. Obviously. Not sure how TVs slipped my mind :)

------
eindiran
There's also some weird, non-determinism in the beginning where the 'c' after
a long chain of failed 'b's overwrites the previous 'a', which he is later
unable to replicate. Not to mention preventing arrow-key navigation of the
password field is the most annoying UI decision they could make. What an
absolute mess.

~~~
MikeBeas
So I am able to replicate this reliably but at first I misunderstood what was
happening.

What happens is this:

1\. Type some stuff in

2\. Turn on “reveal password”

3\. Type one of the “banned” characters

4\. Switch “reveal password” back off

5\. Type another character

6\. The whole existing password is deleted and replaced by the letter you just
typed.

So the reason I end up with two Cs in a row at the beginning is because I
actually typed in another. After I type in the C that causes the field to
reset, I erroneously believed that it had deleted both the B and C, leaving
only the A, so I say “C” again out loud and type another C, believing the text
entered is now “ac”.

In reality, it had cleared the field, replacing both the A and B with a C. So
when I typed in that second C there were then two in a row.

The reason I didn’t understand what was going on was because I was just
counting dots and assuming which letters were deleted at first.

Oddly, when this field-clearing behavior happens, it also hides the “reveal
password” button until you add a second character to the field. That should be
visible with only one character but in this particular situation it hides
instead.

~~~
eindiran
Aha! I missed that. How long did it take you to work out the bug here? How did
you stumble on to this originally? Was it an organic error, or do you do this
kind of thing for a living?

~~~
MikeBeas
I was typing in a password (which I have since changed, lol) that contained
one of these letters and it kept rejecting it. Assuming I was typing it wrong
(I’m prone to that), I very deliberately typed in every letter one at a time
and noticed that no dot appeared when I got to that character. I was gonna
tweet about that one letter but then I started wondering how many other
letters would do the same. So I tried them all.

My day job used to be internal technical support at a software company, and
now it’s engineering.

Before that I was at 9to5Mac reviewing apps, and even before that I was a
pretty prolific beta tester for stuff like iOS jailbreak tweaks, so I’ve got a
LOT of troubleshooting and debugging experience that comes in handy here haha.
I live to break things.

~~~
stevehawk
I lost it when you yelled "WHO SHIPPED THIS?" Man, the number of times I've
felt that sentiment.

~~~
MikeBeas
unfortunately im right there with you man. lol

------
rolae
Reminds of when I was not able to log into Skype, because when I typed in my
username, which was something like firstname...familyname, it kept replacing
the three dots with an elipsis automatically, without me noticing.

------
dkonofalski
What could possibly be the reason for this? I mean...there's got to be some
kind of validation that's going wrong here but I don't see any validation
scheme that would include standard alphabetical characters.

~~~
Aqua_Geek
[https://twitter.com/NolanOBrien/status/1189585020232462340](https://twitter.com/NolanOBrien/status/1189585020232462340)

> Root cause is Catalina regression that fails keyboard inputs when a
> UIKeyCommand is registered for the same key. UIResponder chain regression
> most likely.

~~~
dkonofalski
That doesn't seem like the root cause to me. It sounds like they have events
set up for the UI prior to login which doesn't really make sense. The
regression in Catalina may have exposed it but the regression is not the cause
of this, as far as I can tell.

~~~
shawnz
While you may not believe they made the best design choice, there's nothing
functionally wrong about the choice they made. According to the docs, their
method should work just the same. So I don't think it's fair to say that's the
cause of the bug.

~~~
dkonofalski
>nothing functionally wrong about the choice they made

Sure there is... The app would capture those as shortcuts instead of as user
input. You know...exactly what's happening here. If this interferes with
writing tweets also then that should be easy to figure out.

As I said above, I'm not saying it's not because of the regression but it's
more likely to me that Twitter messed it up. Otherwise, why is no other app
experiencing this issue if it was done "according to the docs".

~~~
shawnz
> Otherwise, why is no other app experiencing this issue if it was done
> "according to the docs".

Well, like you say, it's not common to use shortcut keys without modifiers
right? So it doesn't seem that surprising to me that nobody noticed the
regression.

------
pornel
The app is built using the new Catalyst framework, so it's not surprising that
it's all beta quality.

------
dmix
I tried it and this applies to the login password field too, not just
signup...

Note: it only happens when the password field is set as 'hidden', clicking
reveal makes it work fine.

------
ErneX
Is that proper Twitter for Mac or an iOS app via Catalyst?

~~~
MikeBeas
Catalyst. The old Twitter apps don’t work anymore. They’ve been cut off API-
side.

------
platypii
Obligatory:

"I included emoji in my password and now I can't log in to my Account"

[https://apple.stackexchange.com/questions/202143/i-included-...](https://apple.stackexchange.com/questions/202143/i-included-
emoji-in-my-password-and-now-i-cant-log-in-to-my-account-on-yosemite)

~~~
Laforet
Hah, that was a fun read. Thanks for posting.

It reminds me of the days when I used WinRAR for a lot of things. The password
field would only allow entry of ASCII characters but the program will accept
any character by copy and paste, leading to a world of pain where certain
archives can only be opened on a specific OS with one particular version of
WinRAR because the internal parsing seems to depend on both when it comes to
exotic characters. Good times and I think everybody have learned to avoid this
sort of hiccups by now.

------
allard
Spotify on Android turns 1x2 into 1×2 in the password field. I don't recall
what the two digits were, and I didn't try any other two.

------
baud147258
Considering how bad their latest redesign is, I'm not surprised that they've
got low quality standards.

------
janpot
funny, my girlfriend was entering a 2fa code in the airbnb android app today
and it refused to enter a '0'.

