I just had a major banking institution send me a plaintext pw instead of reset token, with a 15 char limit, and a rotation requirement.
Probably not. But if you work as a contractor for somebody with non-sensical requirements, at least you have some research that you can link to to support your point.
Probably not. But if you work as a contractor for somebody with non-sensical requirements, at least you have some research that you can link to to support your point.