Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.

Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…

  • lama@lemmy.world
    12·
    14 hours ago

    By far the worst is the costa rican national bank:

    • Must be between 8 and 16 characters long
    • Must have at least 4 letters and 4 numbers
    • Can’t have consecutively repeated characters (can’t do “aa” but can do “aba”)
    • Can’t have vowels or Ñ
    • Must not be one of your last 6 passwords
    • Must be changed every 90 days
    • Also forgot that their website and app try to block password managers and copy and paste