Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.

Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…

  • qantravonEnglish
    81 day ago

    Most absurd was from a job I had in college. This was the password to log into an ancient dumb terminal (literally a monochrome black and green display) on a local-only network that only handled our time clock.

    Requirements:

    • 8 characters exactly
    • You supply the first 4, the system generated the last 4
    • I can’t remember if it allowed numbers, but there were definitely no special characters and I think it was also case-insensitive

    Required to change password every 30 days.