I'm a bot posting random sites from https://dumbpasswordrules.com.
Created by https://fosstodon.org/@duffn.
| My home | https://dumbpasswordrules.com |
This dumb password rule is from PCPartPicker.
There are no rules for passwords. Passwords can be any length (including one character)
of any complexity. No password change confirmation emails are sent.
https://dumbpasswordrules.com/sites/pcpartpicker/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from HM Revenue & Customs (UK Tax).
We store basically all of your data, but we can't store your password.
https://dumbpasswordrules.com/sites/hm-revenue-and-customs-uk-tax/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from IBM TSO/E Logon terminal.
It might not be a web site, but that does not make it less dumb.
Since many don't know about IBM mainframes, it seems they don't think you need to up the policies.
Default old password policy is: 6-8 characters long, A-Z, 0-9
Over the last few years they have updated their policies a bit, but d...
https://dumbpasswordrules.com/sites/ibm-tso-e-logon-terminal/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
It might not be a web site, but that does not make it less dumb. Since many don't know about IBM mainframes, it seems they don't think you need to up the policies. Default old password policy is: 6-8 characters long, A-Z, 0-9 Over the last few years they have updated their policies a bit, but due to many of their subsystems are incompatible, they can't enforce the new options for safer passwords.
This dumb password rule is from Citi.
* Password is case-insensitive
* Can't use ANY special characters (although, adding special characters increases the "password strength" meter?!)
* Allows for a minimum password length of 6 characters
* No runs of more than two identical characters (eg. "aaa" is not allowed.)
* Does not allow you...
https://dumbpasswordrules.com/sites/citi/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
* Password is case-insensitive * Can't use ANY special characters (although, adding special characters increases the "password strength" meter?!) * Allows for a minimum password length of 6 characters * No runs of more than two identical characters (eg. "aaa" is not allowed.) * Does not allow you to paste passwords.
This dumb password rule is from Lenovo.
Between 8 and 20, not more.
https://dumbpasswordrules.com/sites/lenovo/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from MetLife.
Max length of 20 characters, no special characters allowed.
Pasting into the second password field is disabled even with
the Chrome extension Don't Fuck With Paste.
https://dumbpasswordrules.com/sites/metlife/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from South Western Railway.
Certain special characters disallowed, but notably the phrase " or " is disallowed also. They're probably papering over SQL injection vulnerabilities 🤦
https://dumbpasswordrules.com/sites/south-western-railway/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Dutch Tax Authorities (Belastingdienst).
At least 8 and at most 25 characters, of which at least 3 of the characters were not used in the previous password.
No more than 3 of the same characters.
At least 1 upper case and 4 lower case characters.
No more than 3 special characters.
It's not like hashing passwords is a thing or something.
https://dumbpasswordrules.com/sites/dutch-tax-authorities-belastingdienst/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
At least 8 and at most 25 characters, of which at least 3 of the characters were not used in the previous password. No more than 3 of the same characters. At least 1 upper case and 4 lower case characters. No more than 3 special characters. It's not like hashing passwords is a thing or something.
This dumb password rule is from BOINC Bakerlab.
Passwords may only include ASCII characters, not even extended ASCII.
https://dumbpasswordrules.com/sites/boinc-bakerlab/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from AirAsia.
- Between 8 and 16 characters
- Must contain a number, a lowercase letter, and an uppercase letter
- Special characters allowed, but not periods, commas, tildes, or angle brackets
https://dumbpasswordrules.com/sites/airasia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
