Why the hell the first character of the password must be a letter?

To make it easier to people trying to steal other's credentials. They should even published detailed rules:

- Maximum 4 characters

- Must start with a letter

- Second character must be a number

- The rest must be the month of your birth

That's to complicated for the validator how should the validator know if the birthdate is valid. 😁😂

Lately I changed my passwords to generated ones from Keepass. Here is my experience with passwords: 99% of websites I have credentials saved that I am concerned of have either a limit of maximum 6 to 24 chars or have specific rules about how the password has to look like (google doesnt allow spaces at the end for example). So Keepass didnt serve me well because all websites dont allow for secure passwords.

That happens when you just copy the username validator to validate the password...

@tomahawxer it's still better to use generated ones though. I do the same with lastpass and I've found websites that one wouldn't even need a gpu to brute force a pw in feasible time.