Dumb Password Rules
- Why does this exist?
I get very annoyed when I encounter a dumb password rule in the wild. One day, I had enough and wanted to let everybody know how dumb these rules are.
- What's this about a bot?
There's also a bot that periodically toots random rules on Mastodon!
- What makes a dumb password?
You probably know it when you see it. "Maximum 17 characters, must start with a 7, no ~ allowed." If you aren't sure, open a new issue or PR to discuss. This isn't a scientific study. There aren't any hard and fast rules though, so let's talk about it.
- I found a password rule that I think is dumb. Can I add it to this list?
New contributions are always welcome! Please add your entry on GitHub. If you're not a developer and don't know what GitHub is or how to work with it, why don't you drop me a line and I'll lend a hand!
- My company is on this list. How can I have us removed?
If you've fixed your dumb password rule, awesome! I'll happily remove entries that have been corrected. Please open a pull request to have your entry removed on GitHub.