wiffu

Have you ever seen a more pathetic password policy (I’m sure you have but this one is pretty bad). Black-hat hackers must love this if they are able to use brute force type attacks. What poor excuse for a backend can only support passwords in this format?? I never understand why sites don’t allow you to use any (or a VERY limited set) of special characters in you password. Passwords should ALWAYS be hashed (md5, sha, etc…) before persisted so you should be able to use any ’special’ printable character you want. Be wary of the site that can retrieve your actual password!!!

• Passwords must either be 7 or 8 characters in
  length.
• You must use at least one number in your password.
• You must use either the # or $ character in your password.
• You may not use any of your previous (8) eight
  passwords.* If you experience a network or
  printer problem after
  resetting your password using Passport, please shutdown
  and restart your computer.