25

"Set your new password.
Please don't use special characters or symbols"
😳

Comments
  • 2
    #$%& *##
  • 1
    @Demolishun Totally invalid. You can't write even a dot .
  • 1
    @cafecortado I was swearing at them.
  • 8
    Plain text password database spotted
  • 2
    Password must be 8-20 characters :)
  • 2
    @SuspiciousBug

    Goofy, Tom, Jerry, Daffy, Sleepy, Snow White, Papa Smurf, Kirito
  • 1
  • 1
  • 3
    Used to be a good sign the password is transmitted over XML somewhere, like an old SOAP web service. Special characters often broke the XML, and made for spectacular vulnerabilities.
  • 4
    The customer support guys were asking me to make it so passwords could be 7 characters long without special characters. Apparently the customers struggle to manage and remember passwords.
    I don't even know how fucking dumb you have to be, the browser stores shit for you but not even that is good enough. I gave up and will use social login, not my problem anymore if they can't login.
  • 3
    I actually don't get those stupid policies. A 32 char pure alphanumeric password is already orders of magnitude harder to brute force than 8 chars including specials...

    And long passwords can easily be remembered through mnemotechnics...
  • 4
    Oh dear. I use 50 char passwords with lower, upper, numbers and symbols. I get absolutely angry when they don't let me use my password pattern
  • 2
    @Nanos Even worse are the code search features of, for example, Bitbucket. It completely ignores any symbols, even if you quote your search terms.

    It ignores symbols. _In a code search._
  • 1
    @devphobe base64 works wonders for those edge cases.
  • 1
    @KryptonTurtle often I generate weaker o passwords just because I had to mess with the settings for some stupid bullshit pattern
  • 0
    What's the min and max limits?

    If they're high this could theoretically be a dev who's tried to force the CorrectHorseBatteryStaple-rule onto their users.

    If the limits are low you could be dealing with lazy ass devs who used the incorrect DB field type.
Add Comment