“Username or password incorrect” is bullshit
There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”…
But, as this article points out, this is nonsense — because it is so trivial for anyone to find out whether a username is incorrect anyway.
Leave a Reply