• ViewSonik@lemmy.world
    link
    fedilink
    arrow-up
    43
    arrow-down
    4
    ·
    1 year ago

    While that may be true(copy/🍝), it implies that their code quality and QA process is broken and some of the most important fields/data are not being closely looked it. It certainly DOES speak to their overall security competence.

    • DoomBot5@lemmy.world
      link
      fedilink
      English
      arrow-up
      23
      arrow-down
      4
      ·
      1 year ago

      Eh, I can see how it’s missed by testing. The tests probably cover testing non-compliant passwords failing and compliant passwords passing. They were probably updated at the same time the password compliance was updated.

      Missing an edge case like this isn’t good, but it’s not that uncommon.

      • ViewSonik@lemmy.world
        link
        fedilink
        arrow-up
        9
        arrow-down
        5
        ·
        1 year ago

        Again, a basic code quality issue. If they missed this basic functional code issue, what else did they miss that is exploitable….