Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.

Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…

  • ryathal@sh.itjust.works · 46 upvotes · 3 months ago

    Passwords that must contain a special character, but only from a list of three special characters.

    Passwords that must be changed every 3 months.

    Absurdly narrow length requirements; I'm 80% sure I saw one that required 8-16 characters.

    All dictionary words were banned from being in a password regardless of length, so passphrases weren’t allowed.
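To make the comment above concrete, here is an added example (not code from the thread or any of the sites discussed): a toy policy checker that encodes the rules complained about (8-16 characters, a special character from a three-item list, no dictionary words) beside a length-first policy, and shows that the restrictive rules reject both a long passphrase and a 40-character random password. The policy shape, the three allowed specials and the tiny word list are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional
import re

# Constructed stand-in for a real dictionary; a deployed check would load a wordlist.
COMMON_WORDS = {"correct", "horse", "battery", "staple", "password"}

@dataclass
class Policy:
    min_len: int
    max_len: Optional[int] = None
    required_specials: Optional[str] = None  # password must contain at least one of these
    ban_dictionary_words: bool = False

# The rules described in the comment, modelled with assumed concrete values.
BAD_POLICY = Policy(min_len=8, max_len=16, required_specials="!@#", ban_dictionary_words=True)
# A length-first policy: long minimum, generous maximum, no composition rules.
SANE_POLICY = Policy(min_len=12, max_len=128)

def violations(password: str, policy: Policy) -> list:
    """Return the list of rules the password breaks under the given policy (empty = accepted)."""
    problems = []
    if len(password) < policy.min_len:
        problems.append(f"shorter than {policy.min_len}")
    if policy.max_len is not None and len(password) > policy.max_len:
        problems.append(f"longer than {policy.max_len}")
    if policy.required_specials and not any(c in policy.required_specials for c in password):
        problems.append(f"needs one of {policy.required_specials!r}")
    if policy.ban_dictionary_words:
        # Split on non-letters so each word in a passphrase is checked on its own.
        words = re.findall(r"[a-z]+", password.lower())
        hits = [w for w in words if w in COMMON_WORDS]
        if hits:
            problems.append("contains dictionary words: " + ", ".join(hits))
    return problems

# Constructed sample inputs: a four-word passphrase and a 40-character random password.
PASSPHRASE = "correct horse battery staple"
RANDOM_40 = "xK9$vQ2&mL7!pZ4@rT6%wN1^bH3*cJ8+dF5-gA0="

if __name__ == "__main__":
    for label, pw in (("passphrase", PASSPHRASE), ("random-40", RANDOM_40)):
        print(label, "bad policy ->", violations(pw, BAD_POLICY) or "accepted")
        print(label, "sane policy ->", violations(pw, SANE_POLICY) or "accepted")
```

Both strong secrets fail the restrictive policy, while the only password it is guaranteed to accept is a short one drawn from a reduced character set.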