I don't normally cross-post, but this was just too funny.

From TheDailyWTF:

DBA:  Do you want usernames to be unique?
Developer:  Yes

(next day)

DBA: Should passwords be unique as well?
Developer:  No

(later that day)

DBA: Shouldn't we require passwords to be unique?
Developer: No
DBA:  Are you sure?
Developer: < 15 minutes of explanation as to why different users are not required to have different passwords, just usernames>

(next day)

DBA:  Your procedure doesn't return a specific error message.
Developer:  It's a security issue, and should only return "Invalid Username/Password Combo."
DBA:  So if they get the username wrong, but the password correct you're not going to display a specific message?

Full text found here.