
Remove my password from lists so hackers won't be able to hack me - dEnigma
https://github.com/danielmiessler/SecLists/pull/155
======
cyberferret
That comment thread was gold, if only for the link to the most secure password
in the world site... [0]

[Disclaimer seeing as the original joke was missed by many - this site link is
totally tongue in cheek too. DON'T use the suggested password]

[0] - [https://mostsecure.pw/](https://mostsecure.pw/)

~~~
darklajid
Secure Connection Failed

An error occurred during a connection to mostsecure.pw. SSL received a record
that exceeded the maximum permissible length. Error code:
SSL_ERROR_RX_RECORD_TOO_LONG

Just me? Is this just too secure™ for Firefox' liking?

~~~
daveFNbuck
It's just you. It worked fine for me in Firefox.

------
petecooper
Ctrl + F

hunter2

(4 matches)

I _love_ a good in-joke.

Spoilers: [http://bash.org/?244321](http://bash.org/?244321)

~~~
reificator
What did you search for? When you type hunter2 all I see are stars.

~~~
Beltiras
Copied the stars and then pasted that into CTRL-F

~~~
EGreg
Fun fact: You have to escape the stars for them to show up on IRC. Otherwise
people see their password!

------
peterburkimsher
The comments are humorous, of course, in the context of sharing passwords.

What if, instead of a password, the text to be censored is:

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

(That's a code that can be used to crack Blu-Ray discs).

Further reading:
[https://en.wikipedia.org/wiki/AACS_encryption_key_controvers...](https://en.wikipedia.org/wiki/AACS_encryption_key_controversy)

[https://en.wikipedia.org/wiki/Digital_rights_management#Oppo...](https://en.wikipedia.org/wiki/Digital_rights_management#Opposition)

[https://www.eff.org/issues/drm](https://www.eff.org/issues/drm)

------
catnaroek
They should have checked their password with
[https://inutile.club/estatis/password-security-
checker/](https://inutile.club/estatis/password-security-checker/) . It
correctly identifies both “hunter2” and “dolphins” as unsafe.

~~~
reificator
That's a very good resource. I typed in gibberish to make sure it was what I
hoped it was.

~~~
catnaroek
Of course, “gibberish” is also an unsafe password.

~~~
reificator
Very true.

------
mattbgates
My address is listed in the phone book as well. Is there anyway I can get that
removed? :P

~~~
gerdesj
Country?

~~~
mattbgates
Oh, it was a joke. Guess the topic of this was meant to be serious, ha. I even
got downvoted.

~~~
icc97
One has to suffer for one's art

------
microtheo
I'm not really a security expert, but wouldn't it be harder for hacker to
notice the hack if you leave it and wisely change the first letter to
upper/lower case?

------
zszugyi
Thanks for this. I went ahead and created a merge request to remove my
passwords too. /s

------
yashinovsky
Fun trolling :)

------
hi41
Can someone please explain. I don't understand.

------
jameskegel
I'm going to let this one slide, because most of us are not working today for
various reasons, but I must note, I've never seen this side of GitHub. I
probably spend too much time cloistered in work projects to notice.

~~~
ghrifter
> I'm going to let this one slide

Thanks for your benevolence.

~~~
jameskegel
Your snark is noted. However, unlike those that come here to delay their day's
tasks, I come here to learn and be exposed to new things. As such, humor has
never been a quality I seek from HN, and it detracts from the point of being
here, for me.

~~~
BoorishBears
Heyyy, it's that guy who looks down on those of us who don't use our real
names!

I remember because you showed a similarly poor attitude in another thread.
That attitude was so out of line with what I expect from HN that your username
was seared in my mind :)

------
hardlianotion
Nice. Subtle.

------
misingnoglic
This is hysterical, I love that tech has their own way of humor.

------
desireco42
I don't know what to think, he knows how to make a PR but doesn't get this
simple thing... :)

~~~
noncoml
He is trolling.. but I guess you are meta-trolling..

------
MechEStudent
So, they want the password off the list, instead of changing it to something
(much much much) more secure? Some variant of "battery horse staple and
correct", right?

~~~
linkmotif
This is a joke.

------
reificator
Look, we all intuitively get that it's a bad idea and it is definitely funny.
But honestly is it helping to make fun of the poor user rather than educate
them as to why their password is on the list and the importance of secure
password practices?

The security community I grew up with was welcoming and understanding, and it
sparked an interest I never would have realized otherwise.

~~~
throwaway2016a
The user has a large number of GitHub commits and the technical knowledge
needed to create a pull request probably exceeds the knowledge needed to know
why this doesn't work...

I feel comfortable assuming the original PR is a joke.

~~~
reificator
> _the technical knowledge needed to create a pull request probably exceeds
> the knowledge needed to know why this doesn 't work..._

The plural of anecdote is not data, but I have first hand experience with
someone who can make a pull request but doesn't understand password best
practices at all.

Granted it might be because I taught them to make pull requests, but still...

I know people who wrote code for their thesis in Python but can't grasp why
indentation matters. You'd be surprised by what people do and don't know.

~~~
ci5er
> I know people who wrote code for their thesis in Python but can't grasp why
> indentation matters.

How can one write code (that runs!) for one's thesis without paying attention
to Python's semantically significant whitespace?

~~~
felbane
Perhaps an IDE/editor that autoformats python code?

~~~
ci5er
I am now more than a little embarrassed that this didn't even occur to me...

~~~
arthulia
It doesn't make a whole ton of sense because you'd still need to know when to
un-indent in order to get out of a conditional block. IDEs can't read your
mind.

~~~
reificator
I've never asked the details, I just know that they used Python before but
couldn't cope with indentation when I worked with them on code.

~~~
AlexCoventry
How did they fail to cope with it?

~~~
reificator
I had an answer typed up, but it felt like picking on them rather than
explaining the issue. Text is hard.

After submitting changes that started 10 indents past the previous line, and
had little to no rhyme or reason for subsequent indentation, we asked them to
reformat and resubmit. When it became clear that they could not, we reviewed
the code itself separately from the indentation and reformatted it ourselves.

Multiple co-workers sat next to them to try to explain how to line things up
vertically, but they were unable to do so without said help.

This was over the course of about two weeks in which we were instructed to try
to bring them onboard some of our projects. Both our and their projects at the
time were frontend web projects.

I have not looked at any of their code outside what was submitted to our side,
but I do know they are praised for the quality of their work by management.

~~~
AlexCoventry
Thanks. Interesting.

