Set up an account at Wells Fargo today and they told me the password requirements... This is a joke right?

  • 16
    >additional guidelines
  • 11
    Holy shit I just tested and they're not even case sensitive. Wut.
  • 9
  • 11
    They just gave me all of the requirements for my brute forcing tool. Seriously WF is a joke.
  • 18
    Someone should write a utility that takes a list of "password requirements" and outputs a bruteforce count and time estimate.
  • 3
    There might be some regulatory factor here. Like the 9-digit thing sounds like them trying to avoid people using their SSN as their password and this was the best they could come up with.

    My favorite are the ones that prescribe an exact subset of acceptable special characters. Those are almost always smells that there’s an injection vulnerability behind it.
  • 8
    Should also require at least two emojis.
  • 1
    Password guidelines are crap.
  • 4
    Your challenge for the day is to write a regex string to match that. Including the clause regarding the three previous passwords
  • 0
    They have to make it so no one can break in and see all the fake accounts they set up 😂
  • 0
    @ancientyouth hahaha I was thinking the same!!
Add Comment