There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”. Instead they’re supposed to say the “username or password is incorrect”. This “best practice” is bullshit. […] You gain no security, yet your customers lose clarity. At first I raised my eyebrow when reading this, yet it became clear rather …
Continue reading ““Username or Password Incorrect” is Bullshit”