So I had to get a login to a customer's VPN and they have fairly strict password requirements one of which is tha the password must be 10 characters.

Not 10 or more characters. EXACTLY 10. No more, no less.

And all the user names are EXACTLY 8 characters.

I'm like....


@msh Could be a warning sign that they are not storing credentials properly? Those arbitrary sounding limits usually mean some funky way of storing them. Or like in situations when a service can email you your current password. That shouldn't be possible if they salt + hash them.

Sign in to participate in the conversation
COALES.CO - Come Together!

Micro-blogging site operated by Mark Shane Hayden of Coalesco Digital Systems Inc. We are located in Alberta, Canada. This is NOT intended to be a commercial/promotional site! Registration is open to anyone interested in civil discussions on any interesting topic--especially technology, current events and politics.