Search results for tag #cybersecurity
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/113/419/993/741/057/192/original/d76a60b51a4bc03a.png)
This dumb password rule is from PayPal.
Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol...
The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things are meant to get better not worse!
https://dumbpasswordrules.com/sites/paypal/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.swecyb.com/accounts/avatars/109/338/499/630/485/212/original/1d767a82881088c2.jpeg)
In the words of my dear internet friend @cR0w
... path traversal ( ../ ) vulnerability in Smithery.ai, a popular Model Context Protocol (MCP) server hosting service.
Go hack some AI shit.
This dumb password rule is from ANZ Bank.
Your password needs to be between 8 and 16 characters long - no special characters allowed.
https://dumbpasswordrules.com/sites/anz-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/114/614/907/486/620/795/original/bca52df2bed67cb4.png)
🚀 The CybersecKyle Community is live! A friendly Discord where security + tech meet: news breakdowns, labs, tools, cloud/automation chats, chill coffee breaks, and so much more! Beginners → pros welcome.
Read more: https://www.kylereddoch.me/blog/the-cyberseckyle-community-is-live-security-and-tech-together/
This dumb password rule is from AirAsia.
- Between 8 and 16 characters
- Must contain a number, a lowercase letter, and an uppercase letter
- Special characters allowed, but not periods, commas, tildes, or angle brackets
https://dumbpasswordrules.com/sites/airasia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.social.openrightsgroup.org/system/accounts/avatars/109/382/359/215/932/523/original/ea34e4d5bb2b649c.png)
Open Rights Group » 🌐
@openrightsgroup@social.openrightsgroup.org
Message scanning powers are sleeping on the statute book. They must never get activated.
The UK government has already tried to make Apple put a backdoor in its encrypted services. It's clear they want to recklessly dismantle our cybersecurity protections.
We must save encryption to #PracticeSafeText 💬
#GlobalEncryptionDay #encryption #e2ee #privacy #cybersecurity #security #OnlineSafetyAct #ukpolitics #ukpol #surveillance
Powers in the UK Online Safety Act to introduce message scanning technology is far from an online safety measure. It's a gift to predators and stalkers❗
Forcing a backdoor into encrypted systems so everything we send can be scanned makes us vulnerable to anybody who wants to exploit that weakness.
#PracticeSafeText #GlobalEncryptionDay #encryption #e2ee #privacy #cybersecurity #security #OnlineSafetyAct #ukpolitics #ukpol #surveillance
Practice Safe Text for Global Encryption Day 🔒
Messaging apps we use to chat, share and plan shield us from scams, stalking and sextortion.
But the UK Online Safety Act contains a time bomb that lets the government break encryption for surveillance.
Find out more about our campaign ➡️ https://www.openrightsgroup.org/campaign/save-encryption/
#PracticeSafeText #GlobalEncryptionDay #encryption #e2ee #privacy #cybersecurity #security #OnlineSafetyAct #ukpolitics #ukpol #surveillance
Alt...
Image of a red and yellow message icon as a 3D baloon with a children crossing sign on the skin. Text reads: Save Encryption – Practice Safe Text.
Encryption scrambles what we send on messaging apps.
Only the person you’re talking to can make sense of it. That’s your chats, pics and deets for their eyes only.
This is how we protect kids, parents and people experiencing domestic abuse from those who want to use your private life against you.
#PracticeSafeText #GlobalEncryptionDay #encryption #e2ee #privacy #cybersecurity #security #OnlineSafetyAct #ukpolitics #ukpol #surveillance
This dumb password rule is from MTS Serbia.
MTS is a national mobile and internet provider in Serbia and they have bad password rules.
Translation: The password must have more than 6 character, less than 17 characters and one
of the following combinations: upper case or lower case letter and a number, upper case or
lower case letter and a ...
https://dumbpasswordrules.com/sites/mts-serbia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from myRTA.
The Roads and Traffic Authority's 'Online Services' website for New South Wales, Australia.
Password rules:
- Must be between 6 and *10* characters long
- Must be a combination of letters and numbers
- Cannot be the same as any of the previous two passwords, including the current password
- Is ca...
https://dumbpasswordrules.com/sites/myrta/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Virgin Trains.
Your password needs to be between 8 and 10 characters long. Previously
this would silently truncate the password without warning, causing
confusion when the password wouldn't work.
https://dumbpasswordrules.com/sites/virgin-trains/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.mastodon.social/accounts/avatars/114/368/991/106/654/640/original/53b5d06197b40028.png)
⚠️ ~200,000 Framework Linux laptops shipped with UEFI components that can bypass Secure Boot 🖥️
A signed mm command allows memory edits, disabling signature checks & enabling persistent bootkits 🔐
Not a breach—an oversight. Fixes are rolling out. Users should update firmware or apply mitigations 🔧
#TechNews #Linux #Cybersecurity #Framework #UEFI #SecureBoot #Security #Firmware #Privacy #OpenSource #Vulnerability #Update #Patch #Laptop #Technology
This dumb password rule is from BMW ConnectedDrive.
Although the prompt suggests good things, after many failed attempts to
set a new password, it turns out you can ONLY use the special characters
shown in the prompt
https://dumbpasswordrules.com/sites/bmw-connecteddrive/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.mastodon.social/accounts/avatars/108/225/684/829/323/574/original/d39c492865db3aae.jpeg)
Reminder – Microsoft deliberately chose to ignore the vociferous warning of their head of #cybersecurity which is why #solarWinds could happen https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers I missed my train stop (on the way to give a talk! had to take a taxi back!) reading that scoop. Why does no one talk about it? Why do people trust Microsoft for cybersecurity? 2/2
This dumb password rule is from Bloomingdale's.
16 characters maximum, no `.` `,` `-` `|` `/` `=` or `_` allowed.
https://dumbpasswordrules.com/sites/bloomingdales/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Arbeitnehmeronline.
Service for managing employment documents of the German company Datev.
Only the following character categories are allowed: Letters, numbers and this special
characters set: !#$%&()*+,-./:;<=>?@[\]^_`{|}~äöüßÄÖÜ
https://dumbpasswordrules.com/sites/arbeitnehmeronline/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from LepidaID.
Password must:
- be 8 to 16 characters in length
- contain at least 1 upper-case character
- contain at least 1 lower-case character
- contain at least 1 number
- contain at least 1 non-alphanumeric character
- not contain more than 2 of the same consecutive characters
- not contain any public da...
https://dumbpasswordrules.com/sites/lepidaid/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Costco.com.
Due to Costco's short max password length of 16 characters, I strongly recommend using a password manager to make a random password to satisfy all of these conditions below:
* Use between 8 and 16 characters
* Include at least one lowercase (a-z) and one uppercase letter (A-Z)
* Include at least ...
https://dumbpasswordrules.com/sites/costco-com/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.bsd.cafe/bsdmmedia01/accounts/avatars/114/665/088/135/090/627/original/78d2fcb7bc142600.jpeg)
I'm joining @cheri_alliance@cheri_alliance@infosec.exchange as an ambassador, working to transform cybersecurity at its foundation.
Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed and the 2024 CrowdStrike outage ($5.4 billion in losses). CHERI technology, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.
The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.
I'm particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.
Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe. As we deploy AI and connect critical infrastructure, we can't afford to keep patching symptoms. CHERI addresses the root cause.
Join us in building secure-by-design systems. The Alliance welcomes all who share this vision. Let's stop playing defense and fundamentally solve memory safety.
#Cybersecurity #CHERI #MemorySafety #SecureByDesign
This dumb password rule is from Southwest.
Password must be between 8 and 16 characters in length and include at least one uppercase letter
and one number. Certain special characters are also allowed, but the first character of the password must be alphanumeric.
https://dumbpasswordrules.com/sites/southwest/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Advanzia.
- Requires at least 6 to a maximum of 12 characters [sic!]
- Allows only digits and letters without umlauts
- Allows only specific special characters: ? ! $ \u20AC% & * _ = - +. ,:; / () {} [] ~ @ #
- Allows no spaces"
https://dumbpasswordrules.com/sites/advanzia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Red Hat.
Symbols. You keep using that word. I don't think it means what you think
it means.
https://dumbpasswordrules.com/sites/red-hat/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Whitcoulls.
Your password must:
- be between 7 and 15 characters
- contain a capital letter
- have no spaces (shown only when you go to change it)
https://dumbpasswordrules.com/sites/whitcoulls/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from A1.net.
- At least 8 and at most 16 characters
- At least 1 digit
- At least 1 uppercase letter
The password must not contain your first name, surname or username.
The allowed special characters are: ! @ # % ^ & * _.
https://dumbpasswordrules.com/sites/a1-net/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/070/798/original/d20ead2f85c91066.jpg)
@daedalus Generally speaking, “resilience” and “recovery” are the #cybersecurity equivalent of “shift security right.” Nobody is interested in prevention any more. Only #security wonks still say “shift security left.”
Modern businesses have realised that only a fraction of the reckless risks actually materialise. So they’re picking up their plates and joining the queue at the all-you-can-eat risk buffet.
“Clean up on aisle 5” when things blow up feels cheaper to them than the opportunity cost of a risk they didn’t take. This is why I can’t be CEO.
This dumb password rule is from Vietnam Airlines.
`[[:alnum:]]{6,8}`
https://dumbpasswordrules.com/sites/vietnam-airlines/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Slovenska sporitelna.
Slovenska sporitelna is the biggest bank in Slovakia. Despite pretty new version of the internet banking (rolled out in 2018), their password policy restricts password to be 16 characters long at most and prohibits any special characters.
https://dumbpasswordrules.com/sites/slovenska-sporitelna/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Afraid.org FreeDNS.
Password must be between 4 and 16 characters long
https://dumbpasswordrules.com/sites/afraid-org-freedns/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Inria.
This is the account for those who work at [Inria](https://www.inria.fr/)
"the French national research institute for
the digital sciences".
You have to wonder what's wrong with these special characters but not
the other ones.
- Password expiration once a year
- Your password must contain at leas...
https://dumbpasswordrules.com/sites/inria/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Wells Fargo.
Your password must be between 8-32 characters long and inexplicably doesn't accept `-` but does seemingly accept other special characters.
https://dumbpasswordrules.com/sites/wells-fargo/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Microsoft (e company store).
Max of 16 character oh and please don't use any characters we don'y know how to escape properly
also if it starts with ? you may break our wonderful website. What out with your password generator
duplicated characters is far too insecure to allow here.
https://dumbpasswordrules.com/sites/microsoft-e-company-store/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Credit Union Australia (CUA) Health.
Password must be between 7 and 10 characters, contain both an uppercase and a lowercase letter and have at least one number.
https://dumbpasswordrules.com/sites/credit-union-australia-cua-health/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from A1.net.
- At least 8 and at most 16 characters
- At least 1 digit
- At least 1 uppercase letter
The password must not contain your first name, surname or username.
The allowed special characters are: ! @ # % ^ & * _.
https://dumbpasswordrules.com/sites/a1-net/
#password #passwords #infosec #cybersecurity #dumbpasswordrules