12
ddephor
5y

Password guidelines...

Just got an online account for an insurance:
Allowed characters for password are a-z, A-Z, 0-9.
Really?
I tried special characters, maybe they just forgot to mention them. Doesn't work, "Password not valid".

Comments
  • 4
    Had to create an account with a local carrier and was forced to use up to 7 chars long password which is restricted to alphanumerical only input with at least one uppercase and one number. I guess I was left with very few options. No idea who makes all this nonsense restrictions based on some database “performance” requirements.
  • 1
    The fuck? Really?
  • 2
    I mean, that's really not that bad, if we assume that they allow/require long enough passwords. 15 chars and decent encryption can go a long way against most brute force attacks.

    Unfortunately though, bad password requirements are often matched by equally bad security practices...
  • 4
    "OuR hAsH fUnCtIoN dOeS nOt AcCePt SpEcIaL cHaRaCtErS"
  • -1
    I shoved my devrant.com duck in my asshole
  • 2
    I came across a site where the password had to start with a capital letter... Really?
  • 2
    In fact it's not the worst password guideline I encountered. Another insurance company only allows a PIN (numeric), but at least more than 4 digits.

    From my experience, banks and insurances have the worst password guidelines.

    But by going through all accounts with bad passwords I just found out that my bank account, which used to only allow a PIN in the past now also allows a real password with a lot of special characters.
  • 1
    Online Banking in Germany and you are only allowed to have a Max password length of 5 characters and only numbers and letters
Add Comment