This policy allows an attack without any secret to force a password change, possibly to a weaker one if user is forced to do it on the spot.
-
-
Show this thread
-
Like almost all password rules, some twit made it up because it seemed like a good idea.
Show this thread -
There are often sound reasons for security things that at first seem dumb / needlessly complex. Except password policies. Usually just dumb.
Show this thread
End of conversation
New conversation -
-
-
My bank did this to me 3X in a ~wk, yet wdn't tell me where the login attempts came from. To stop it I finally had to change my username. 1/
-
I was trying to figure if it really was a hack attempt or just sm1 w/ similar username who was accidentally typing mine. (Yes, possible.) 2/
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
My bank does this. Anyone can DoS me that way: block me out of home banking and make me *go to an ATM* to reset my password.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
“Please make your password easier to brute force to reduce the load on the server”
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.