[loginx]

You think that's bad? My damn BANK has the following password policy for online banking:

  The password you create here can be used to access Online, Mobile and Telephone Banking.
  All passwords must be six characters in length. Special characters (eg. *, %, $, etc) will not be accepted.

[blacksmith_tb]

Banks are some of the worst - though oddly in many cases I've seen them support much more complex usernames than passwords. If you use a password manager you can generate large, random usernames to go with your tiny, weak password, potentially.

[sleepybrett]

get a new bank, then tell them why.

[Spivak]

I'm sure they will be heartbroken.

[forgotAgain]

Send it in a certified letter. Address it to the CEO and send certified CC's to the FDIC, CIO, and a reporter for a local or national tech newspaper column.

It may sound archaic but you have to raise the visibility if you're concerned about changing the banks behavior.

[zild3d]

People just tweet @ceo or @company these days, same effect