Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.sdf.org/users/abs0/statuses/112620833250809038">abs(in)the (abs0@mastodon.sdf.org)'s status on Saturday, 15-Jun-2024 22:35:43 JST</a><a href="https://mastodon.sdf.org/@abs0" title="abs0@mastodon.sdf.org"><img src="https://gnusocial.jp/avatar/260801-48-20240518130852.webp" width="48" height="48" alt="abs(in)the" style="position: absolute; left: 0; top: 0;">abs(in)the</a></section><article><p>Yay, it's apparently time for the Tesco Bank Bogus Password Restrictions Mystery Tour</p><p>Tried a number of passwords of seven characters or more, which include letters and numbers - all to be rejected</p><p>It's one thing if a poor site explodes if a password is longer than 10 characters, or contains a double quote, or even any punctuation, but for the love of god *tell me*, don't make me have to guess the specific set of deployed defects</p><p>Bonus for this being a banking site</p><p><a href="https://mastodon.sdf.org/tags/infosec" rel="tag">#infosec</a> <a href="https://mastodon.sdf.org/tags/passwords" rel="tag">#passwords</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3246014#notice-6405546">In conversation</a><time datetime="2024-06-15T22:35:43+09:00" title="Saturday, 15-Jun-2024 22:35:43 JST">about 8 months ago</time> <span>from <span><a href="https://mastodon.sdf.org/@abs0/112620833250809038" rel="external" title="Sent from mastodon.sdf.org via ActivityPub">mastodon.sdf.org</a></span></span><a href="https://mastodon.sdf.org/@abs0/112620833250809038">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2787224">Tesco bank registration form indicating password requirements of 7 characters or more and containing a mix of letters and numbers</a></label><br><a href="https://mastodon.sdf.org/system/media_attachments/files/112/620/797/068/027/782/original/a604f2ac4b3c7df1.png" rel="external">https://mastodon.sdf.org/system/media_attachments/files/112/620/797/068/027/782/original/a604f2ac4b3c7df1.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
abs(in)the (abs0@mastodon.sdf.org)'s status on Saturday, 15-Jun-2024 22:35:43 JST abs(in)the
Yay, it's apparently time for the Tesco Bank Bogus Password Restrictions Mystery Tour
Tried a number of passwords of seven characters or more, which include letters and numbers - all to be rejected
It's one thing if a poor site explodes if a password is longer than 10 characters, or contains a double quote, or even any punctuation, but for the love of god *tell me*, don't make me have to guess the specific set of deployed defects
Bonus for this being a banking site
#infosec #passwords
In conversationabout 8 months ago from mastodon.sdf.orgpermalink
Attachments
1. Tesco bank registration form indicating password requirements of 7 characters or more and containing a mix of letters and numbers
  https://mastodon.sdf.org/system/media_attachments/files/112/620/797/068/027/782/original/a604f2ac4b3c7df1.png

Public

Embed Notice

HTML Code

Corresponding Notice