AOK (German Health Insurance) - Dumb Password Rules This is the online customer portal of the German health insurance company AOK. They have an extensive set of rules for both passwords and usernames. The password rules are: - Length between 8 and 14 characters - At least one letter, one number and one special character - Special characters are: !@$%/=?`+@#_.;:{}| - The password must not start with ? or ! - The password must not include the username - The password must not be the same as any of your previous passwords The rules for the username are: - Length between 1 and 12 characters - No umlauts allowed (äöü), no special characters, no spaces, no ., no _, no ß

This dumb password rule is from AOK (German Health Insurance).

This is the online customer portal of the German health insurance company AOK. They have an extensive set of rules for both passwords and usernames.
The password rules are:
- Length between 8 and 14 characters
- At least one letter, one

Easybank (Austrian direct bank) - Dumb Password Rules - At least 8 and at most 16 (!) characters - **Must start with 5 digits (do we really want to know what's going on there?)** - At least one uppercase and one lowercase letter - (Some) special characters are permitted, most are not - "Simple" patterns are prohibited - PINs are case sensitive (at least it's something)

This dumb password rule is from Easybank (Austrian direct bank).

- At least 8 and at most 16 (!) characters
- **Must start with 5 digits (do we really want to know what's going on there?)**
- At least one uppercase and one lowercase letter
- (Some) special characters are permitted, most are not
- "

Freepik - Dumb Password Rules Has to be between 6 and *30* characters, needs to have a number, letter, capital letter, symbol BUT no whitespaces.

This dumb password rule is from Freepik.

Has to be between 6 and *30* characters, needs to have a number, letter, capital letter, symbol BUT no whitespaces.

https://dumbpasswordrules.com/sites/freepik/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Credit Agricole - Dumb Password Rules * Login is a predefined 11 digits long identifier that you can not change * Password is a 6 digits long identifier that you need to input using your mouse

This dumb password rule is from Credit Agricole.

* Login is a predefined 11 digits long identifier that you can not change
* Password is a 6 digits long identifier that you need to input using your mouse

https://dumbpasswordrules.com/sites/credit-agricole/

#password #passwords #infosec #cybersecu

Crédit Agricole Centre-Est - Dumb Password Rules You have to enter your 6-digit password using this Frenchy keypad.

This dumb password rule is from Crédit Agricole Centre-Est.

You have to enter your 6-digit password using this Frenchy keypad.

https://dumbpasswordrules.com/sites/credit-agricole-centre-est/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Express Energy - Dumb Password Rules Retail Electricity Provider (REP) participating in ERCOT. Minimum 6, maximum 10. Stated requirement of numbers and letters, but special characters are accepted.

This dumb password rule is from Express Energy.

Retail Electricity Provider (REP) participating in ERCOT.

Minimum 6, maximum 10. Stated requirement of numbers and letters, but special characters are accepted.

https://dumbpasswordrules.com/sites/express-energy/

#password #passwords #infosec #cybe

Omnivox - Dumb Password Rules Password length must be 8 to 20 characters long with lower case characters and numbers only.

This dumb password rule is from Omnivox.

Password length must be 8 to 20 characters long with lower case characters and numbers only.

https://dumbpasswordrules.com/sites/omnivox/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

CodePen - Dumb Password Rules The password should be of at least 8 characters and must include a number, special character, an upper as well as a lowercase letter

This dumb password rule is from CodePen.

The password should be of at least 8 characters and must include a number, special character, an upper as well as a lowercase letter

https://dumbpasswordrules.com/sites/codepen/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Mycanal - Dumb Password Rules - Minimum of 8 characters - Contain at least 1 uppercase character or 1 number - Can not contain these characters : ‹ › ' "

This dumb password rule is from Mycanal.

- Minimum of 8 characters
- Contain at least 1 uppercase character or 1 number
- Can not contain these characters : ‹ › ' "

https://dumbpasswordrules.com/sites/mycanal/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Very.co.uk - Dumb Password Rules Password field allows *only* the listed Special Characters ($ . , ! % ^ \*). You're also forced to use both upper, and lower letters, as well as a number.

This dumb password rule is from Very.co.uk.

Password field allows *only* the listed Special Characters ($ . , ! % ^ \*).
You're also forced to use both upper, and lower letters, as well as a number.

https://dumbpasswordrules.com/sites/very-co-uk/

#password #passwords #infosec #cybersecurity #dumb

Getin Bank - Dumb Password Rules The new password should contain at least 10 and a maximum of 20 characters. The password must contain at least one upper case letter, one lower case letter and one number. The password cannot contain non-ASCII Polish alphabet characters, special characters `&<'"` or spaces.

This dumb password rule is from Getin Bank.

The new password should contain at least 10 and a maximum of 20 characters.
The password must contain at least one upper case letter, one lower case
letter and one number. The password cannot contain non-ASCII Polish alphabet
characters, special character

Onleihe - Dumb Password Rules Password is your birthday in format ddmmyyyy. Users are not allowed to change their passwords

This dumb password rule is from Onleihe.

Password is your birthday in format ddmmyyyy. Users are not allowed to change their passwords

https://dumbpasswordrules.com/sites/onleihe/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

SONY - Dumb Password Rules - between 8 and 30 characters - at least one number or special character - not part of email address - avoid common passwords - repeating characters 3 or more times should be avoided - currency characters and 3 or more consecutive characters, also in reverse order, should be avoided Somehow "$" is not counted as a currency character, but as a special character. Moreover, as soon as the password contains "€", "£" or "元" for example, it is regonized as a common password. Hence "76eHnE6OH€OCmv4ZGo30#Oe^@gdw^@" does not fulfill the requirements while "qwerty$$" does.

This dumb password rule is from SONY.

- between 8 and 30 characters
- at least one number or special character
- not part of email address
- avoid common passwords
- repeating characters 3 or more times should be avoided
- currency characters and 3 or more consecutive characters, also in reverse or

PayPal - Dumb Password Rules Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol... The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things are meant to get better not worse!

This dumb password rule is from PayPal.

Must be between 8 and 20 characters, no spaces, uppercase and lowercase, one symbol...

The rule limits special characters to !@#$%^&*(). but my current password has a "-" in it so someone decided to restrict this further which is totally backwards. Things ar

Dwr Cymru (Welsh Water) - Dumb Password Rules Limits password length to a maximum of 16 characters

This dumb password rule is from Dwr Cymru (Welsh Water).

Limits password length to a maximum of 16 characters

https://dumbpasswordrules.com/sites/dwr-cymru-welsh-water/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

A1 Mobile Serbia - Dumb Password Rules A1 mobile Serbia is a mobile provider in Serbia that imposes poor password rules. Translation: "Length of the password must be between 8 and 20 characters and can only have letters and digits."

This dumb password rule is from A1 Mobile Serbia.

A1 mobile Serbia is a mobile provider in Serbia that imposes poor password rules.

Translation: "Length of the password must be between 8 and 20 characters and can only have letters and digits."

https://dumbpasswordrules.com/sites/a1-mobile-serbia/

HM Revenue & Customs (UK Tax) - Dumb Password Rules We store basically all of your data, but we can't store your password.

This dumb password rule is from HM Revenue & Customs (UK Tax).

We store basically all of your data, but we can't store your password.

https://dumbpasswordrules.com/sites/hm-revenue-and-customs-uk-tax/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

CAF (French Family Allowance Fund) - Dumb Password Rules You have to enter your 8-digit password using this Frenchy keypad.

This dumb password rule is from CAF (French Family Allowance Fund).

You have to enter your 8-digit password using this Frenchy keypad.

https://dumbpasswordrules.com/sites/caf-french-family-allowance-fund/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Ancestry - Dumb Password Rules Password: - Must be at least 8 characters long - Must contain at least 1 number - Must contain at least 1 letter or special character - Must not be a well known or common password

This dumb password rule is from Ancestry.

Password:
- Must be at least 8 characters long
- Must contain at least 1 number
- Must contain at least 1 letter or special character
- Must not be a well known or common password

https://dumbpasswordrules.com/sites/ancestry/

#password #passwords #infosec

SAP Cloud Appliance Library - Dumb Password Rules Passwords between 8 and 9 characters are the best.

This dumb password rule is from SAP Cloud Appliance Library.

Passwords between 8 and 9 characters are the best.

https://dumbpasswordrules.com/sites/sap-cloud-appliance-library/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

CodePen - Dumb Password Rules The password should be of at least 8 characters and must include a number, special character, an upper as well as a lowercase letter

This dumb password rule is from CodePen.

The password should be of at least 8 characters and must include a number, special character, an upper as well as a lowercase letter

https://dumbpasswordrules.com/sites/codepen/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Best Buy - Dumb Password Rules You can enter whatever password you like! But you probably don't want to make it too long, because you'll break us and you'll never be able to login again.

This dumb password rule is from Best Buy.

You can enter whatever password you like! But you probably don't want to
make it too long, because you'll break us and you'll never be able to
login again.

https://dumbpasswordrules.com/sites/best-buy/

#password #passwords #infosec #cybersecurity #dumbpas

United Kingdom Post Office - Dumb Password Rules Will not allow you to copy-paste your password into the text box (e.g. from a password manager). Because allowing people to copy their passwords over will defintely not result in weak passwords :)

This dumb password rule is from United Kingdom Post Office.

Will not allow you to copy-paste your password into the text box (e.g. from a password manager). Because allowing people to copy their passwords over will defintely not result in weak passwords :)

https://dumbpasswordrules.com/sites/unite

Saturn - Dumb Password Rules Passwords need to be between 8 and 15 characters.

This dumb password rule is from Saturn.

Passwords need to be between 8 and 15 characters.

https://dumbpasswordrules.com/sites/saturn/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Bouygues Telecom - Dumb Password Rules - Password cannot be more than 20 characters long - Password can't contain special chars other than ASCII ones (for a French website this sucks as é, à, ç and so on are rejected...)

This dumb password rule is from Bouygues Telecom.

- Password cannot be more than 20 characters long
- Password can't contain special chars other than ASCII ones (for a French website this sucks as é, à, ç and so on are rejected...)

https://dumbpasswordrules.com/sites/bouygues-telecom/

#password #

My Prepaid Center - Dumb Password Rules Only six legal special characters; maximum password length is 20 characters.

This dumb password rule is from My Prepaid Center.

Only six legal special characters; maximum password length is 20 characters.

https://dumbpasswordrules.com/sites/my-prepaid-center/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

IKEA - Dumb Password Rules Dumb restriction for consecutive similar characters. Wonder if someone got more that 2 identical characters in their name then it won't allow you to even use name in password. Password must contain: - 8-20 characters - **No more than 2 identical characters in a row** - A lowercase letter (a-z) - An uppercase letter (A-Z) - Number or special character

This dumb password rule is from IKEA.

Dumb restriction for consecutive similar characters. Wonder if someone got more that 2 identical characters in their name then
it won't allow you to even use name in password.

Password must contain:
- 8-20 characters
- **No more than 2 identical characters in

Equifax - The Work Number - Dumb Password Rules Eight to sixteen characters, numeric digits only, not the same as the User ID. * Number of permutations: 1E+16 * Number of permutations for the weakest length: 1E+8 * vs permutations for a 8-16 password using standard characters: 4E+31 * vs permutations for the weakest length of 8 using standard characters: 7E+15 * Other issues: allows and encourages the use of sequences like "12345678", SSN, DOB, today's date * At stake: last 4 digits of SSN, current and past addresses, and detailed work history of millions of Americans, down to how much their paycheck was in the third week of September 2007 * Past security screw-ups by this company: [https://en.wikipedia.org/wiki/Equifax#Security_Failings](https://en.wikipedia.org/wiki/Equifax#Security_Failings)

This dumb password rule is from Equifax - The Work Number.

Eight to sixteen characters, numeric digits only, not the same as the User ID.
* Number of permutations: 1E+16
* Number of permutations for the weakest length: 1E+8
* vs permutations for a 8-16 password using standard characters: 4E+31
* vs

Wells Fargo - Dumb Password Rules Your password must be between 8-32 characters long and inexplicably doesn't accept `-` but does seemingly accept other special characters.

This dumb password rule is from Wells Fargo.

Your password must be between 8-32 characters long and inexplicably doesn't accept `-` but does seemingly accept other special characters.

https://dumbpasswordrules.com/sites/wells-fargo/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

URSSAF (French employers tax collection service) - Dumb Password Rules When setting a new password: Password must be exactly 8 characters, at least 1 letter, at least 1 number, but no special characters.

This dumb password rule is from URSSAF (French employers tax collection service).

When setting a new password:
Password must be exactly 8 characters, at least 1 letter, at least 1 number, but no special characters.

https://dumbpasswordrules.com/sites/urssaf-french-employers-tax-collection-service/