Let’s gooooooooo

  • Spzi
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    3
    ·
    edit-2
    1 year ago

    An attacker would still know the account exists, and they would know the password did not match.

    Or you’re assuring them that specific password is used by some account, just not this one. Which is even worse.

      • Spzi
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Right, I misread “shouldn’t” for “should”.