Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
watzon45877yThey just gave me all of the requirements for my brute forcing tool. Seriously WF is a joke.
-
Root797587ySomeone should write a utility that takes a list of "password requirements" and outputs a bruteforce count and time estimate.
-
gblues6187yThere might be some regulatory factor here. Like the 9-digit thing sounds like them trying to avoid people using their SSN as their password and this was the best they could come up with.
My favorite are the ones that prescribe an exact subset of acceptable special characters. Those are almost always smells that there’s an injection vulnerability behind it. -
Your challenge for the day is to write a regex string to match that. Including the clause regarding the three previous passwords
-
They have to make it so no one can break in and see all the fake accounts they set up 😂
Related Rants
Set up an account at Wells Fargo today and they told me the password requirements... This is a joke right?
rant
password
hashing
srsly?