This dumb password rule is from Dell.
Okay at least 6, that's alright I guess.
Oh at least one number and one letter, bit dumb but hey not that dumb.
But hiding the fact that it has a max of 20, now THAT is dumb!
This dumb password rule is from Replit.
Forces to use minimum 8 characters in the password and it must contain at least one uppercase.
This dumb password rule is from Kryterion Webassessor.
I was quite surprised to see this when I was registering for my Google Professional Cloud **Security** Engineer certification. Nice part is that they **don't allow quotes** as special character, so I assume there possibly might be some other issues on their backends. :-)
This dumb password rule is from T-Mobile.
We prefer to not tell you which characters you can use up front.
This dumb password rule is from United Airlines.
Security questions (and their answers!) must both be picked from dropdown
menus with a limited number of answers and there is no option for unique
answers.
This dumb password rule is from Electronic Arts (EA).
Your password must be 8 - 16 characters, and include at least one lowercase letter, one uppercase letter, and a number.
This dumb password rule is from My Prepaid Center.
Only six legal special characters; maximum password length is 20 characters.
This dumb password rule is from ING a dutch bank in almost 50 countries.
Max 20 characters, must have one number, one upper case character and one lower case character.
You can only use certain special characters.
When i asked about it they answer that it's really hard to change it.
When i asked if the password is saved as a hash or just plain they send the answer to ...
https://dumbpasswordrules.com/sites/ing-a-dutch-bank-in-almost-50-countries/
This dumb password rule is from Seur.
Password must be between 8 and 12 characters...
Also no symbols are allowed. But this isn't displayed.
This dumb password rule is from Oracle.
*Should not* or *must not*? RFC 2119 may want a word with you.
@evangreer @fightforthefuture.org @bsky.app @guardianproject @internetarchive @torproject @signalapp @session @simplex @freedomofpress @eff @privacysafe 
#PrivacySafe Bot: Strong #passwords made simple.
Whether you’re setting up devices and user access ahead of time or recovering from a breach, get cryptographically strong passwords & #passphrases — right in your browser, on your device, never stored on a server.
https://bitsontape.com/p/password-bot-security
This dumb password rule is from Bloomingdale's.
16 characters maximum, no `.` `,` `-` `|` `/` `=` or `_` allowed.
If you have a #google account and navigate to https://passwords.google.com you will be able to activate a "on-device-encryption" this option encrypts your #passwords before they are stored in the google password manager.
Yes, the google password manager apparently stores your passwords in clear text. This is kind of a #security nightmare.
And while you are on that settings page: You can also disable the use of the google password manager and export and maybe also delete your stored data.
This dumb password rule is from MobileIron MDM.
You can't make this up - no dictionary words, no more than 2 repeating
characters, no alphabetic sequences, no whitespace, 3 character sets,
maximum of 32 characters.
This dumb password rule is from Southwest.
Password must be between 8 and 16 characters in length and include at least one uppercase letter
and one number. Certain special characters are also allowed, but the first character of the password must be alphanumeric.
This dumb password rule is from Ticketmaster.de.
Your password length is limited between 8 and 32 characters.
This dumb password rule is from Dutch Tax Authorities (Belastingdienst).
At least 8 and at most 25 characters, of which at least 3 of the characters were not used in the previous password.
No more than 3 of the same characters.
At least 1 upper case and 4 lower case characters.
No more than 3 special characters.
It's not like hashing passwords is a thing or something.
https://dumbpasswordrules.com/sites/dutch-tax-authorities-belastingdienst/
It's not 2FA, MFA, nor passkeys, but it'll let you (and everyone else) create better passwords 
"Random Password Generator. No cookies, no trackers. Just passwords."
Free to use, free to self-host.
#infosec #passwords #cybersec #cybersecurity #devops #security #opensource #oss #foss #privacy
This dumb password rule is from Targobank.
Your password must:
- must not be your username
- must at least eight characters
- must contain at least one number character
- must contain at least one uppercase character and 1 lowercase character
- must not contain spaces
- must not contain three identical characters in a row
- must not conta...
