Tuesday, September 22, 2009

My daily WTF


I was just slapped by a web application: "Your password must be different from the 12 previous passwords".

A very "secure" (obscure) system, forcing me to have my original password (of value "password") plus 12 additional passwords of values "password1", "password2", etc. On the other hand, there is no other policy requiring me to have at least one digit or capital letter. The only one is that my new password has to be different from the 12 that I had before.

WTF?
