Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
You Shall Not Pass (youshallnotpass.glitch.me)
88 points by dfabulich on Feb 10, 2021 | hide | past | favorite | 34 comments


I know it's a joke but it feels too damn real.

I especially hate it when websites declare my randomly generated 32 character password is 'not secure'. Because obviously it needs squirrel sounds as well.

https://dilbert.com/strip/2005-09-10


"You must include a capital"

tweaks it to have capital letter

"You must include a capital (of a country)."

commence uncontrollable laughing.


"The MD5 of your password must start with a 0"

That's what did me in.


Saves us a byte in the sqlite database


I did it! It was pure luck because all I had to do was add a 1 to the end of my existing password and it did the trick.

The MD5 one was the last level though.


Oof, that's rude!


> This project has received too many requests, please try again later.

so true...


>Sorry, this password is already in use. (But matches all criteria, after 17 attempts.)

That was good fun


The reward for "almost winning" is quite underwhelming but hilarious.

There's 3 levels, can be passed relatively quickly.


> You have met all the requirements but this password is already in use.


I thought I'd finally nailed it with _RomemoR_


I like the point this makes. The expectation for us to remember hundreds of convoluted and complex passwords for every site we might interact with once a year is totally ridiculous.


KeePass for the win! https://keepass.info/


Not to spoil the initial ones, as they're quite fun, but I like level3 from the source:

  var level3 = [
    containsEmoji,
    hasPi(),
    MD5,
  ]


Tip: if you type "pi 100 digits" in DuckDuckGo you'll get a quick answer.


Or just π the symbol


That is, if you know how to type that.

I use a compose key, but sadly I can't find it in the compose table.

https://help.ubuntu.com/community/GtkComposeTable


I was using my android phone, so it was just a case of getting into the less used characters section of the virtual keyboard. One of the rare scenarios where typing on a phone us much easier I guess


Came up with "emoRade edaRome" ("must contain a capital... of a country").

Apparently someone came up with that before me? How? Who? I want names!


I'm guessing that someone's written a script to brute force submit all legal names, or there's a bug. I started with London, ran up against the character limit, then went to https://en.wikipedia.org/wiki/List_of_national_capitals and selected Dili, the capital of East Timor.

Every combination of random characters I substitute for the 8 and tilde in "dilI~8 e 8~Ilid" always produces "Sorry, this password is already in use."

Eventually got to "Sorry, all of today's passwords have been used. You win, ..."


This was hilarious!

"Sorry, this password is already in use. (But matches all criteria, after 12 attempts. Click here to try the next password scheme.)"


Been there, done that.

http://www.animats.com/source/obvious/obvious.c


This was fun and frustrating.


Start here: https://en.m.wikipedia.org/wiki/List_of_palindromic_places


You don't need it :) The password must include a capital city, but it can also include other characters to make it a palindrome :)


But then it needs to be divisible by 3 but not longer than 15


And contain a capital letter, a space and the letter 'e'


True, but it's a lot easier if the capital itself is a palindrome as it saves you space to meet the other conditions (or just use a short city name).


> Sorry, the first character of the MD5 hash of your password must be a '0'. Current MD5: fe4c1e83d59a40dfde84acbbd935a5bb

You want me to mine crypto fot you?


You shall not pass too many requests or else...


I laughed...

Not sure if that's intentional or not.


The HN hug of death strikes again.


I laughed out loud.


,m,mmm




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: