This dumb password rule is from Coil.

Does not allow simple characters and sequences such as '4587' or 'efgh' in password & necessarily requires numeric values.

https://dumbpasswordrules.com/sites/coil/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Copyright.gov.

I wonder if they cooperate with NSA to enforce the password rules.

https://dumbpasswordrules.com/sites/copyright-gov/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

RE: https://infosec.exchange/@spamhaus/116013190680647542

Folks: block the .ru TLD any and all ways that you can. #cybersecurity

This dumb password rule is from Trenord.

- Password must consist of 8-16 characters
- Must contain 3 out of 4 of the following: lowercase characters, uppercase character, digits (0-9), and one or more of the following symbols: @#$%^&*-_+=[]{}|\:',?/`~“();.

https://dumbpasswordrules.com/sites/trenord/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Pam360.

"Enterprise privileged access management has never been easier."

- Must be 8 to 16 characters in length
- Must have mixed case alphabets
- Must have at least 1 upper and 1 lower case character(s)
- Must have at least 1 number(s)
- Must have at least 1 special character(s)
- Must star...

https://dumbpasswordrules.com/sites/pam360/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Sparda-Bank.

Sparda is a group of German banks. They all use the same login form (except for Sparda-Bank Berlin, see below). Their equivalent of a password is called *Online-PIN*. As the name implies, only digits are allowed. (*Zifferneingabe* means "digit input"; it opens an on-screen number pad widget.)

No...

https://dumbpasswordrules.com/sites/sparda-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from European Union Intellectual Property Office.

- The password must be between 8 and 30 characters, containing at least a digit [0-9], a lower case letter [a-z], an upper case letter [A-Z] and one of [!@#$%&*,.] characters

https://dumbpasswordrules.com/sites/european-union-intellectual-property-office/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from AmiAmi.

Your password needs to be between 6 and 12 characters long, must contain only letters and numbers.

https://dumbpasswordrules.com/sites/amiami/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

#it #technology #infrastructure #ipv4 #ipv6 #dns #networking #devops #itmemes #networkengineer #cybersecurity #womenintech #uwu #dns

source: https://www.instagram.com/reel/DUTSLcjkfJn/

This dumb password rule is from Easybank (Austrian direct bank).

- At least 8 and at most 16 (!) characters
- **Must start with 5 digits (do we really want to know what's going on there?)**
- At least one uppercase and one lowercase letter
- (Some) special characters are permitted, most are not
- "Simple" patterns are prohibited
- PINs are case sensitive (at l...

https://dumbpasswordrules.com/sites/easybank-austrian-direct-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

https://www.youtube.com/watch?v=_3okhTwa7w4

video: How #AI Agents Ignore 40 Years of #Security Progress

#infosec #cyber #cyber #cybersecurity

This dumb password rule is from Tanishq.

Password must contain:
- 6 to 16 characters.
- At least one special character (@, #, $, %, * and & only).
- At least one alphabet.
- At least one number.

https://dumbpasswordrules.com/sites/tanishq/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Virgin Media.

Your password needs to be between 8 and 10 characters long, with no
spaces, and must contain only numbers and letters. The first character
must be a letter.

Feb 2020 Update: policy remains the same but the description is hidden
leaving you to guess the acceptable length/chars. Users are now lef...

https://dumbpasswordrules.com/sites/virgin-media/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Parnassus Investments.

A site responsible for protecting your investments limiting you to a
four character range with a bunch of other stupid rules? Shocking.

https://dumbpasswordrules.com/sites/parnassus-investments/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

#cybersecurity #cybersec

Alt...

The image is a meme divided into three sections. The top section displays the text: "SCIENTISTS HAVE MADE A BRACELET THAT CONVERTS STRESS INTO ELECTRICITY". Below this text are two side-by-side images of a black wristband with a lightning bolt symbol, worn on a wrist—one showing a front view of the band, the other showing a wrist gripping a railing. The middle section features the text "Cyber Security Professional". The bottom section shows a glowing, translucent figure seated at a table in a dimly lit room, with cups and other objects on the table.

This dumb password rule is from Datart.cz.

Czech eshop

Password:
- Max length is 20 characters
- No special characters allowed (only alphanumeric)

https://dumbpasswordrules.com/sites/datart-cz/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from A1 Mobile Serbia.

A1 mobile Serbia is a mobile provider in Serbia that imposes poor password rules.

Translation: "Length of the password must be between 8 and 20 characters and can only have letters and digits."

https://dumbpasswordrules.com/sites/a1-mobile-serbia/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from ING Romania's Internet Banking Portal.

No more, no less than 5 digits. This is the password you use to log in and to confirm
online transactions. They used to have "normal" passwords and they forced everybody to
change to the 5 digits versions. They said they've made it "so it's easier for you" and it's
OK, because everybody has 2FA.

https://dumbpasswordrules.com/sites/ing-romanias-internet-banking-portal/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Vincenzo, perhaps unsurprisingly, has not responded to any request for comment since this story broke yesterday...

#cybersecurity #epstein #hacker

https://www.cyberdaily.au/security/13164-jeffrey-epstein-employed-a-private-hacker-new-documents-reveal

This dumb password rule is from Techcombank.

Your password must:
- Be between 6 and 8 characters long
- Contains at least 1 number character
- Contains at least 1 lowercase character
- Contains at least 1 uppercase character
- Neither space nor unicode character is allowed. In fact,
NO special characters is allowed
- Must be changed every 9...

https://dumbpasswordrules.com/sites/techcombank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

NIST needing to get out of the CVE business isn't new by any means. Even the "give (mediocre) data out to anyone who asks" side of things has been failing often enough in the past two years that I had to switch to providing a data mirror via fcix.

https://www.cybersecuritydive.com/news/nist-cve-vulnerability-analysis-nvd-review/810300/

#cybersecurity #cve

⚠️ Notepad++ Hijacked by State-Sponsored Hackers

｢ The exact technical mechanism remains under investigation, though the compromise occured at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests ｣

https://notepad-plus-plus.org/news/hijacked-incident-info-update/

#notepadpp #china #opensource #cybersecurity

This dumb password rule is from Polytechnique Montreal.

Passwords must have a minimum length of 8 characters

Passwords must have a maximum length of 30 characters

Passwords must contain a minimum of 2 digits

Passwords must contain a minimum of 2 letters

Password must be different than the last one used

Passwords may contain these special characte...

https://dumbpasswordrules.com/sites/polytechnique-montreal/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Credit Agricole.

* Login is a predefined 11 digits long identifier that you can not change
* Password is a 6 digits long identifier that you need to input using your mouse

https://dumbpasswordrules.com/sites/credit-agricole/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Anthem.com.

* Use 8-20 characters.
* Use 1 letter and 1 number.
* $ ! @ * ? | also allowed.
* Don't use spaces.
* Don't use the same character three times in a row.
* Don't use part of the username.

https://dumbpasswordrules.com/sites/anthem-com/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from NordVPN.

- Password cannot be longer than 48 characters.

https://dumbpasswordrules.com/sites/nordvpn/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Those privacy advocates were right. 😬

"....based on data sourced from the Department of Health and Human Services (HHS) and other government agencies..."

#bigbrother #privacy #fascism #cybersecurity

This dumb password rule is from CAF (French Family Allowance Fund).

You have to enter your 8-digit password using this Frenchy keypad.

https://dumbpasswordrules.com/sites/caf-french-family-allowance-fund/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from College Board.

Password must be 9-30 characters with at least one upper case letter, one lower case letter, one number and one special character (no spaces) and be different than your username.

https://dumbpasswordrules.com/sites/college-board/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from CENLAR.

Your password can meet all the requirements in the list and still be invalid due to
an unspecified rule: any "special characters" that are not listed in the help text
are not allowed. Worse, it provides no useful feedback other than the "New Password"
field is red.

https://dumbpasswordrules.com/sites/cenlar/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from NVV (Nordhessische VerkehrsVerbund).

Password length must be 4 to 10 characters with only a few special characters allowed.

https://dumbpasswordrules.com/sites/nvv-nordhessische-verkehrsverbund/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

"DOGE" the experts, kill morale and force the remaining competent staff out, then hire sycophants and rubes. What could go wrong...

Oh, a reminder -- standards are lower for *acting* directors -- can bypass much of the usual screening.
https://arstechnica.com/tech-policy/2026/01/us-cyber-defense-chief-accidentally-uploaded-secret-government-info-to-chatgpt/
h/t @kimcrawley
https://zeroes.ca/@kimcrawley/115978548564763335
#infosec #cybersecurity #CISA

Signal President Meredith Whittaker warns AI agents embedded in OSes are eroding end-to-end encryption's real-world security, despite its mathematical soundness. With root-like access to messages & data, they bypass E2EE isolation—urgent rethink needed! 🔒🤖❌
https://cyberinsider.com/signal-president-warns-ai-agents-are-making-encryption-irrelevant/
#AI #Privacy #Cybersecurity #Newz #Signal

This dumb password rule is from PayPal.

Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol...

The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things are meant to get better not worse!

https://dumbpasswordrules.com/sites/paypal/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Tanishq.

Password must contain:
- 6 to 16 characters.
- At least one special character (@, #, $, %, * and & only).
- At least one alphabet.
- At least one number.

https://dumbpasswordrules.com/sites/tanishq/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Taleo.net.

Oracle Taleo is one of those old-school enterprise Applicant Tracking
Systems (ATS) that half the corporate world still uses even though
everyone hates it.

https://dumbpasswordrules.com/sites/taleo-net/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Bank of America.

20 character max and lots of special character restrictions.
Bank of America - keeping your money safe.

Also: If you paste a password greater than 20 characters,
the form truncates it without telling you or giving an
error.

https://dumbpasswordrules.com/sites/bank-of-america/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from University of Texas at Austin.

Because of the last two rules, which ban dictionary words and any
variants using symbol substitutions, *neither* of the passwords
presented in the [xkcd comic](https://xkcd.com/936/) are allowed.

https://dumbpasswordrules.com/sites/university-of-texas-at-austin/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from CAF (French Family Allowance Fund).

You have to enter your 8-digit password using this Frenchy keypad.

https://dumbpasswordrules.com/sites/caf-french-family-allowance-fund/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Sprint.

Sprint "upgraded" their security and disallow special characters.

https://dumbpasswordrules.com/sites/sprint/

#password #passwords #infosec #cybersecurity #dumbpasswordrules