Comment by abustamam
9 days ago
I recommend all my friends and family to use a password manager like Bitwarden, and if they can't do that for some reason, at least use a 3-word passphrase separated by a hyphen.
The amount of times people have complained to me that this doesn't work because of low max-chars on passwords is insane.
One time I had to reset my password with the power company - they had such a system, and the lady had to read me something like:
Uh4zB4DP55WD!
Apparently I was a bit salty with the system when I set it.
The fact that she shouldn't have even been able to look up the password in the first place due to hashing was lost on her.
That's pretty funny on a few levels, not in the least that they required a "secure" password like that but stored them in plain text.
I regularly conduct transactions at the branch of my local bank wherein they ask me for no credentials whatsoever. I also once forgot to bring my account number with me and the teller said "no worries, I'll look it up for you." Kind of horrifying.
4 replies →
My bank’s password field is case insensitive. Of course they could have lowercased it before hashing but I doubt it.
1 reply →
Yeah I was a bit shocked... like... you're not supposed to know that!