Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.
Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…
You must log in or register to comment.
By far the worst is the costa rican national bank:
- Must be between 8 and 16 characters long
- Must have at least 4 letters and 4 numbers
- Can’t have consecutively repeated characters (can’t do “aa” but can do “aba”)
- Can’t have vowels or Ñ
- Must not be one of your last 6 passwords
- Must be changed every 90 days
- Also forgot that their website and app try to block password managers and copy and paste