Search results for tag #cybersecurity
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/113/419/993/741/057/192/original/d76a60b51a4bc03a.png)
This dumb password rule is from Aruba Cloud.
Must be different from the last 3 passwords used.
Your password must contain at least an uppercase and lowercase letter and number.
Must contain at least one special symbol.
https://dumbpasswordrules.com/sites/aruba-cloud/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.pan.rent/accounts/avatars/109/393/497/952/657/874/original/d14a71e9f0e80a62.webp)
I know antivirus software is business bullshit, but I don’t know any reliable source that has an explanation of this, I mostly based this knowledge on vibes…
Does anyone have any resources to share about this? Are antiviruses actually useless and dead?
This dumb password rule is from University of Windsor.
The password policy applies to alumni as well. Must be at least 10
characters long, with at least 1 upper case and 1 lower case
character, at least 1 number, at least 1 special character. Password
expires every 120 days, and you can't reuse an old one.
https://dumbpasswordrules.com/sites/university-of-windsor/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://climatejustice.social/system/accounts/avatars/115/775/949/234/220/445/original/149b45df4eb28db2.png)
Convenience is the enemy of Sovereignty
#FOSS #OpenSource #GNULinux #GNU #Linux #Privacy #Security #CyberSecurity
This dumb password rule is from Raiffeisen Bank Serbia.
There are a couple of password limitations when creating a new account (and
changing existing password) on Raiffeisen Bank Serbia on-line banking portal.
Password length is limited to minimum 8 and maximum 32 characters. Also, minimum
uppercase letters 1, minimum lowercase letter 1, minimum digit...
https://dumbpasswordrules.com/sites/raiffeisen-bank-serbia/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Slovenska sporitelna.
Slovenska sporitelna is the biggest bank in Slovakia. Despite pretty new version of the internet banking (rolled out in 2018), their password policy restricts password to be 16 characters long at most and prohibits any special characters.
https://dumbpasswordrules.com/sites/slovenska-sporitelna/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
Is it 2026 or 2006? I just went to harden my PayPal account with my new review units.
Turns out, PayPal still only supports one physical security key. No backups allowed. If you want redundancy, they force you back to TOTP apps or (worse) SMS.
#CyberSecurity #FIDO2 #Yubico #Nitrokey #Privacy #Security #TerminalTilt #FinTechFail #Token2 #Banking #Money
Alt...
A screenshot of the PayPal "Manage 2-step verification" settings page. It shows 2 step verification is ON, with a "YubiKey 5C NFC" listed as the only primary device. Under the "Your backups" section, only a "Third-party code generator" authenticator app is listed, with no option to add additional backup security keys.
This dumb password rule is from PayPal.
Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol...
The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things are meant to get better not worse!
https://dumbpasswordrules.com/sites/paypal/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://cdn.mstdn.ca/accounts/avatars/000/000/001/original/ae840240160f93c6.jpg)
[If you've purchased from Canada Computers in the last month or so, your credit card may be compromised.
More here: https://www.reddit.com/r/bapccanada/comments/1qk4axy/canada_computers_online_card_skimmer/
This dumb password rule is from Thames Water.
Can only use the "special" characters on that very limited list, excluding symbols so exotic as an underscore, even. This is despite their own strength checker saying the password is strong.
https://dumbpasswordrules.com/sites/thames-water/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.swecyb.com/accounts/avatars/109/338/499/630/485/212/original/1d767a82881088c2.jpeg)
So... appears to be some new Fortinet vulnerability currently exploited in the wild?
@cR0w What have you done now? I thought you stopped doing ../ ?!
https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
This dumb password rule is from University of Texas at Austin.
Because of the last two rules, which ban dictionary words and any
variants using symbol substitutions, *neither* of the passwords
presented in the [xkcd comic](https://xkcd.com/936/) are allowed.
https://dumbpasswordrules.com/sites/university-of-texas-at-austin/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://social-cdn.vivaldi.net/system/accounts/avatars/114/796/757/065/908/894/original/e260506fec8bb27e.jpeg)
⚠️🚨 STOP Using Social Media Platform Hootusite
👉 They Partnered with ICE 👈
"A Hootsuite employee mentioned geolocation, saying the company could drill down to street-level data."
Note: There are Four articles in this post including a Bypass Paywall to the Globe and Mail
"While Hootsuite is based in Canada, it has hundreds of employees globally, including CEO Irina Novoselsky who is based in N.Y City. The company serves major brands like Adobe and Ikea and more .."
h/t @tod
#Luxembourg #Talkwalker
#Canada #USA #Resist #SocialMedia
#Hootsuite #FB #TikTok #Threads #YouTube #Twitter #WhatsApp #Bluesky
#Pintrest #CyberSecurity #AI
You will also want to read this link👇
Bypass paywall : Globe and Mail Article https://removepaywalls.com/https://www.theglobeandmail.com/business/article-hootsuite-canada-vancouver-ice-social-media-contract/
Link to Hootsuite website: https://www.hootsuite.com/platform/integrations
This dumb password rule is from TreasuryDirect.
Will allow most passwords longer than 8 characters. Doesn't tell you there is a
maximum length of 16 characters. Then forces you to type it with an on-screen keyboard
with no capital letters.
https://dumbpasswordrules.com/sites/treasurydirect/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Wageworks.
In addition to the following rules regarding passwords...
- 8-20 characters in length
- Include at least 4 of the following: lowercase letter, uppercase letter, number AND symbol
- Not include your last name, first name or space
Your new password should be different from your previous twenty pas...
https://dumbpasswordrules.com/sites/wageworks/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Boligøen (Danish resident renting bureau).
Red text: "Your password has to be at least 6 characters, but NOT over 20 characters."
https://dumbpasswordrules.com/sites/boligoen-danish-resident-renting-bureau/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Benergy4.
12 to 25 characters, only these special chars allowed: @+/'!#$^?:,.(){}[]~-.
Also, security questions.
https://dumbpasswordrules.com/sites/benergy4/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from TreasuryDirect.
Will allow most passwords longer than 8 characters. Doesn't tell you there is a
maximum length of 16 characters. Then forces you to type it with an on-screen keyboard
with no capital letters.
https://dumbpasswordrules.com/sites/treasurydirect/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Gebührenfrei MasterCard.
The new password can only have 6-12 characters. It *may* contain letters, numbers and a fixed set of special characters.
https://dumbpasswordrules.com/sites/gebuehrenfrei-mastercard/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Netflix.
[The help page](https://help.netflix.com/de/node/54078)
and the [password reset page](https://www.netflix.com/password) say:
Ihr Passwort muss zwischen 4 und 60 Zeichen lang sein und darf keine Tilde (~) enthalten.
https://dumbpasswordrules.com/sites/netflix/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Seur.
Password must be between 8 and 12 characters...
Also no symbols are allowed. But this isn't displayed.
https://dumbpasswordrules.com/sites/seur/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Thames Water.
Can only use the "special" characters on that very limited list, excluding symbols so exotic as an underscore, even. This is despite their own strength checker saying the password is strong.
https://dumbpasswordrules.com/sites/thames-water/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from EllieMae Access.
Must reset password every 6 months and password requirements are not displayed _anywhere_.
Reset uses a Security Question, and you have to choose from a list of 5.
https://dumbpasswordrules.com/sites/elliemae-access/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Kryterion Webassessor.
I was quite surprised to see this when I was registering for my Google Professional Cloud **Security** Engineer certification. Nice part is that they **don't allow quotes** as special character, so I assume there possibly might be some other issues on their backends. :-)
https://dumbpasswordrules.com/sites/kryterion-webassessor/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Mobi Bike Share.
Your PIN (which is the password you use to login, which lets you, say, buy hundreds of dollars worth of bike-share subscriptions off the saved credit card) must be four numeric digits. Helpfully, they even give you an example of a PIN: *1234*.
https://dumbpasswordrules.com/sites/mobi-bike-share/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from SecureAccess Washington.
Central authentication for all Washington State services
(DoL, ESD, etc).
Password must have *exactly* 10 characters, but form happily
lets you enter more and only throws errors after submit,
providing no useful feedback.
https://dumbpasswordrules.com/sites/secureaccess-washington/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from PayPal.
Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol...
The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things are meant to get better not worse!
https://dumbpasswordrules.com/sites/paypal/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Mobility.
The username is the customer number, which is sequential and cannot be changed, currently 7 digits long for new customers.
The password has to be exactly 6 digits long, only numbers allowed.
https://dumbpasswordrules.com/sites/mobility/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Replit.
Forces to use minimum 8 characters in the password and it must contain at least one uppercase.
https://dumbpasswordrules.com/sites/replit/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.mastodon.social/accounts/avatars/000/007/112/original/388649acb2026701.webp)
🆕 blog! “Responsible Disclosure: Chimoney Android App and KYCaid”
Chimoney is a new "multi-currency wallet" provider. Based out of Canada, it allows users to send money to and from a variety of currencies. It also supports the new Interledger protocol for WebMonetization.
But it has a security flaw which cannot be ignored.
👀 Read more: https://shkspr.mobi/blog/2026/01/responsible-disclosure-chimoney-android-app-and-kycaid/
⸻
#android #CyberSecurity #ResponsibleDisclosure #security #WebMonetization
This dumb password rule is from Telekom/T-Systems MyWorkplace.
Telekom's MyWorkplace is a Single Sign On / login hub for their
Open Telekom Cloud which is basically an Amazon AWS clone. It's
rather new and especially for business customers. Especially
because it is for business customers, there's absolutely no reason
to limit a password to 16 characters. Eve...
https://dumbpasswordrules.com/sites/telekomt-systems-myworkplace/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.mastodon.social/accounts/avatars/000/007/322/original/b75330fa75e75efd.jpg)
RE: https://social.overheid.nl/@AdviescollegeICTtoetsing/115889018050952093
Mijn werkgever, @AdviescollegeICTtoetsing , zit nu ook op Mastodon 😃
#AcICT #rijksoverheid #ict #digitalisering #cybersecurity
This dumb password rule is from Green Flag.
- 8 to 10 characters
- No special characters
https://dumbpasswordrules.com/sites/green-flag/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Easybank (Austrian direct bank).
- At least 8 and at most 16 (!) characters
- **Must start with 5 digits (do we really want to know what's going on there?)**
- At least one uppercase and one lowercase letter
- (Some) special characters are permitted, most are not
- "Simple" patterns are prohibited
- PINs are case sensitive (at l...
https://dumbpasswordrules.com/sites/easybank-austrian-direct-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from CENLAR.
Your password can meet all the requirements in the list and still be invalid due to
an unspecified rule: any "special characters" that are not listed in the help text
are not allowed. Worse, it provides no useful feedback other than the "New Password"
field is red.
https://dumbpasswordrules.com/sites/cenlar/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://media.mastodon.scot/accounts/avatars/109/318/532/504/799/614/original/403026568ed524d5.jpeg)
Do as you are tell not as we do
UK Government write wrote large.
This dumb password rule is from M and M Direct.
- Maximum length of 24 characters
- Cannot contain special characters, eg. ! # $ " @
https://dumbpasswordrules.com/sites/m-and-m-direct/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
![[?]](https://files.social.openrightsgroup.org/system/accounts/avatars/109/382/359/215/932/523/original/ea34e4d5bb2b649c.png)
The UK needs digital sovereignty to keep our communications, banking, energy, travel and healthcare systems secure.
If we stay dependent on foreign tech firms for our digital infrastructure, the UK risks its independence and resilience.
Sign our petition ⬇️
https://you.38degrees.org.uk/petitions/stop-trump-s-kill-switch-secure-our-digital-sovereignty
The future doesn’t need to be orange.
Foreign States have been using their control over digital infrastructure to wield power.
Even historic allies aren’t reliable.
We need #DigitalSovereignty in the UK to keep our systems running.
Read more about our campaign ⬇️