• dan@upvote.au
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      One of the largest banks in Australia (Westpac) used to require passwords to be exactly 6 characters (no more, no less) and they were case insensitive. It also had a fun ‘denial of service’ attack built-in: If you got it wrong three times, it’d lock the account and force you to go to the bank to unlock it, meaning anyone that knew your bank username could lock you out of your account and cause some pretty big headaches. Fun.

      In fact, I’m not sur whether they ever fixed this. Haven’t used their services in a long time.