MikeMirzayanov's blog

By MikeMirzayanov, 7 months ago, translation, In English,

Hi Codeforces!

Here are some recent improvements here and in Polygon.

Weak and Leaked Passwords

We often hear about password leaks from various services. Considering that having common passwords is a common (but insecure) practice, we've improved Codeforces and Polygon to identify weak or leaked passwords. If on the top of the website you see a message that your password is not secure, then just change it immediately.

Type of the round when creating a contest proposal

This item improves our work with the writers. When creating a contest proposal, please indicate the type of a round. Leave the field empty only if you don't know the type of the round (it is strange).

Calendar

We've fixed errors when synchronizing official Codeforces rounds with the calendar. Now everything should be correct.

I trust this user

Currently, Codeforces provides a mature infrastructure for organizing contests, olympiads and trainings. With the help of domain groups and mashups, competitions of various levels were hosted on Codeforces. The organizers are sometimes not regular users of Codeforces rounds and do not have rights to some of the actions. Now, any red user can confirm his trust in another account, and he will get the right to: write comments/posts, create private groups, create mashups. I hope this will save me from a certain routine of processing such requests.

Confirmation via email when entering Polygon

When you sign in Polygon, your IP-address and browser will be verified. If you didn't use them in the recent past, then you may be asked to sign in with a confirmation email. In this case, just follow the secret link that comes to your email.

 
 
 
 
  • Vote: I like it
  • +505
  • Vote: I do not like it

»
7 months ago, # |
  Vote: I like it -31 Vote: I do not like it

Thanks Mike

  • »
    »
    7 months ago, # ^ |
      Vote: I like it -27 Vote: I do not like it

    I need explanation for down-votes why??????????????

    • »
      »
      »
      7 months ago, # ^ |
        Vote: I like it 0 Vote: I do not like it

      Because you're not red , and the community here is toxic and crave cocks from reds.

      prove me right and down vote this pussies.

»
7 months ago, # |
  Vote: I like it -21 Vote: I do not like it

Good

»
7 months ago, # |
Rev. 2   Vote: I like it +52 Vote: I do not like it

If on the top of the website you see a message that your password is not secure, then just change it immediately.

So... passwords are stored in plaintext?

That doesn't sound good.

  • »
    »
    7 months ago, # ^ |
      Vote: I like it +95 Vote: I do not like it

    Surely not. We check it on sign in (when you use a password). Also we use much less strict verification for salted hash trying to match with most popular passwords and passwords generated from a handle.

»
7 months ago, # |
  Vote: I like it +45 Vote: I do not like it

1 and 4 are a bad combo

»
7 months ago, # |
  Vote: I like it -19 Vote: I do not like it

Instead 4 , why not just recruit moderators from cf ?

»
7 months ago, # |
Rev. 2   Vote: I like it +3 Vote: I do not like it

@Calendar: Some things are still bugged. Even now, the next joined round is duplicated and I cannot edit/remove any events (I wanted to fix this).

»
7 months ago, # |
  Vote: I like it +14 Vote: I do not like it

Can we get confirmation emails when signing into Codeforces (from a new location/browser) as well?

  • »
    »
    7 months ago, # ^ |
      Vote: I like it +25 Vote: I do not like it

    Yes, I have plans to implement it. It will be an optional feature, you will be able to disable it in the profile settings.

  • »
    »
    7 months ago, # ^ |
      Vote: I like it +15 Vote: I do not like it

    An option to lock the email address would be nice. This means you will require email confirmation to change the address (and you would get an email if someone is attempting to do it!). That way, even if somebody manages to guess/hack/change your CF password, they can't take over your account permanently because you can use password reset with your email.

    I think many people have an important email address with a strong password that they protect carefully. It's nice when you can make use of that one safe account to protect other accounts, without having long unique passwords and two-factor authentication everywhere.

    • »
      »
      »
      7 months ago, # ^ |
      Rev. 3   Vote: I like it +5 Vote: I do not like it

      We can change our password without email confirmation? What you said is what we need indeed!

      • »
        »
        »
        »
        7 months ago, # ^ |
          Vote: I like it +5 Vote: I do not like it

        Yes, and you can also change the email address without confirmation, which I think is even worse and the point of my comment.

»
7 months ago, # |
  Vote: I like it +11 Vote: I do not like it

Will updating properties of published proposal lead to move this proposal to the back of the queue?

»
7 months ago, # |
  Vote: I like it +3 Vote: I do not like it

MikeMirzayanov I hope you take a look at the suggestions written in this blog and the comments section: https://codeforces.com/blog/entry/65855

»
7 months ago, # |
  Vote: I like it +54 Vote: I do not like it

MikeMirzayanov, changed my password and I am still logged in on my phone. I don't think that's intentional.

»
7 months ago, # |
  Vote: I like it +24 Vote: I do not like it

Fixed some errors in calendar, but VK Cup is still there, hmmm

»
7 months ago, # |
  Vote: I like it -15 Vote: I do not like it

Do you like my handle guys?

»
7 months ago, # |
  Vote: I like it 0 Vote: I do not like it

Thank you Mike

»
7 months ago, # |
  Vote: I like it 0 Vote: I do not like it

Hi Mike, thank you for developing such a brilliant platform. Sorry but there might be a little trouble for me that I still do not know how to render my validator and generators for a specified input file. I set input file as some.in in General info and manage to use both generators and validator. But if I put a freopen("some.in","w",stdout) in generator with script gen > 1, in preview tests section it prompts ERROR: Unexpected verdict Validator 'val1.exe' returns exit code 3 [FAIL Unexpected end of file - token expected (stdin, line 1)]CRASHED.. But if a use script gen > {1} instead, the validation is will prompt ERROR: Unexpected verdict Can't prepare input file (it occurs also when I delete freopen in generator). If I delete freopen in generator and use script gen > 1, the validation period works well but Answer section will prompt ERROR: Unexpected verdict IDLENESS_LIMIT_EXCEEDED which shown that it is wrong to set freopen("some.in","r",stdin) in solution file (but this exists for my specification in input file). Can there be another way to make them work well? Thank you.

  • »
    »
    7 months ago, # ^ |
      Vote: I like it +12 Vote: I do not like it

    Hi, generators and validators (and checkers) do not depend on the filename. Write them as usual, using standard input/output. Note that to use gen > {1} syntax, the generator gen should create the file 1. There are probably testlib functions for that, but you'd better not use this syntax at all, it will be very inconvenient to move tests around.

    In solutions you should use the filename you specified in the general info tab. Probably you have some other issue that causes IL.

    So you should:

    • set input file in general info tab,
    • use stdout in generator,
    • use gen > 1 syntax,
    • use freopen in the solution.
    • »
      »
      »
      6 months ago, # ^ |
        Vote: I like it 0 Vote: I do not like it

      It works! Thank you verrrrrrrry much!!!! You really help me a great deal!

»
7 months ago, # |
  Vote: I like it +13 Vote: I do not like it

"Confirmation via email when entering Polygon"

We need to login into the account programmatically to "Discard working copy". Otherwise the APIs would always return the old copy.

  1. Can we have an API to discard working copy? (preferred)
  2. Otherwise, can we whitelist an IP address to login to polygon?
  • »
    »
    7 months ago, # ^ |
    Rev. 2   Vote: I like it +18 Vote: I do not like it

    or 3. Add an option to entirely disable the confirmation (edit: the option has been added few days after comment)

    Email confirmation can be pretty inconvenient for people with dynamic IP (it seems like you need to verify by mail twice for each IP before it stops asking), and some things are completely broken now (e.g. problem import in ejudge). One may argue that people are just using polygon wrong if the feature is a problem for them but breaking people's workflow without a warning isn't a nice thing to do regardless.

    obligatory xkcd comic
»
7 months ago, # |
  Vote: I like it 0 Vote: I do not like it

Is there now any way to use polygon to prepare tasks and then import them from ejudge? Now it seems impossible. Each import from ejudge caused mail message with secure key/reference and there is no way to import them. My ejudge server is only ssh based and I can only use lynx (without success).

What can i do? I have more than 100 problems in polygon and it was very comfortable just import it to ejudge contests.

»
6 months ago, # |
  Vote: I like it 0 Vote: I do not like it

Please allow me to speak here. I found that I can't delete the list that was shared with me. I want to know how to delete it. Can someone tell me? QAQ