Transcript

A tumblr post saying "i really like this thing where websites will have separate “log in” & “sign up” buttons and if you click “log in” it takes you to a sign-up screen anyway so you have to click “i already have an account” and then it will ask if you want to sign in with your facebook account or with instagram or linkedin or deviantart or whatever, and if you choose “username & password” it asks if you want to put in your username or use your thumbprint, and once you put your username & password it emails you a confirmation code, and once you put in the code it says “do you want to give us your phone number for future sign-ins? do you want to sign up for facial recognition? do you want to give us your bones? give us your fucking bones?”

  • jaupsinluggies@feddit.ukEnglish
    15·
    4 days ago

    I was confused recently at a border post marked “Passport control”. I had it ready, but the guard asked for my driving licence. While I was fishing for that he breathalysed me, which came back clean so he said I could go - without having seen either my passport or driving licence.

  • untorquer@lemmy.worldEnglish
    10·
    4 days ago

    Shout out to

    <<Login>>

    Uname:

    Pword:

    Or sign in with [Gargle] [Equis] [Fightbook]

    Don’t have an account? [Sign up here!]

  • snooggums@lemmy.worldEnglish
    21·
    5 days ago

    "i really like this thing where websites will have separate “log in” & “sign up” buttons and if you click “log in” it takes you to a sign-up screen anyway so you have to click “i already have an account

    I used to wonder if I clicked the wrong thing but this is so fucking common that I just assume the website is designed by idiots who can’t use a single button for the same thing.

      • atomicbocks@sh.itjust.worksEnglish
        2·
        5 days ago

        In my experience it’s been because the login app was done by a different team than this web app and this PM promised that they could save time by reusing the old code.

      • snooggums@lemmy.worldEnglish
        2·
        5 days ago

        If the PM gets to make design decisions then that counts.

        I know why it ends up this way, because the stupid people who complain the most don’t know if they have an account or not, but the workflow that has become common is the must frustrating one for users who do know what they are doing.

  • Lvxferre [he/him]@mander.xyzEnglish
    12·
    5 days ago

    do you want to give us your phone number for future sign-ins?

    Urgh, that’s probably the worst part.

    I don’t mind mail-based 2FA. However, since I see “random sites have your phone number” as a bigger threat than “skript kiddo might hack your password”, if the 2FA must use my phone number, I’ll genuinely think if I really need an account in that site, and probably give up.

    • kautau@lemmy.worldEnglish
      13·
      5 days ago

      All sites should support TOTP, fuck email/sms OTPs, and especially fuck sites that think being “passwordless” but sending a code to my email is secure.

  • infinitesunrise@slrpnk.netEnglish
    10·
    5 days ago

    Also shout out to front end js libraries that hijack and discard familiar default page rendering behavior in favor of asserting their own arbitrary, untrustworthy, and inferior render behaviors that break completely outside of chrome browser or with any extensions running, gotta be my least favorite gender.

    Like how so many sites just fuckin come to a dead stop and reload completely if you click literally anything because the developer didn’t follow React design philosophy perfectly. Thanks a million, Facebook, so cool so cool.

  • cogitase@lemmy.dbzer0.comEnglish
    11·
    5 days ago

    You’re not actually giving the website access to your fingerprint or other biometric information by doing that. That’s all handled on your device which then sends a verification message.

    • ricecake@sh.itjust.worksEnglish
      6·
      5 days ago

      Yup.
      Using fingerprint/face recognition to access your device is questionable depending on your concern level, since the thing being accessed is right next to the thing that gives you access.
      Having that same device know how to recognize those same features so it can use them to access a local system that is used to unlock something far away very securely is unquestionably good. An attacker is very unlikely to have both your phone and your thumb while trying to access your bank account.

  • oni ᓚᘏᗢ@lemmy.worldEnglish
    4·
    5 days ago

    Everytime that I have to log in to facebook because I need to do something for someone I said to them “wait, facebook’s gonna ask me for a fecal sample”