I don't normally cross-post, but this was just too funny.
From TheDailyWTF:
DBA: Do you want usernames to be unique?
Developer: Yes(next day)
DBA: Should passwords be unique as well?
Developer: No(later that day)
DBA: Shouldn't we require passwords to be unique?
Developer: No
DBA: Are you sure?
Developer: < 15 minutes of explanation as to why different users are not required to have different passwords, just usernames>(next day)
DBA: Your procedure doesn't return a specific error message.
Developer: It's a security issue, and should only return "Invalid Username/Password Combo."
DBA: So if they get the username wrong, but the password correct you're not going to display a specific message?
Full text found here.