by tg3 4833 days ago
It should be noted that also storing a hash of your password in keypad-compatible format (if you're right about this) significantly reduces the search space for a potential brute-force attack. It also seems they don't allow special characters, which is a further reduction. I'm not sure that a robo-caller is the most efficient way to steal a bank password, but it is certainly possible.

Of course, the cynic in me says that they are storing an encrypted, as opposed to hashed, version of your password. But one can hope!

2 comments

Their password rules are interesting: https://www.fidelity.com/psw/WS_PSW_Body_Frame/0,,PROBLEMS,0...

These two rules seem to further support my theory of what they are doing:

* Must not contain more than 4 sequential digits (ex: 1234, 76543)
* May contain the following special characters: "%'()+,-/:;<=>?\ ^_|

For a 12-character password, a computer with 2 decent GPUs (16000M hash/sec for MD5) can crack the numeric password in just over a minute. Once that's known, the real password can be recovered in around 25ms.
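
The search-space arithmetic discussed in this thread, worked through as an added example (not code from either commenter or from the bank). It assumes the standard E.161 phone keypad letter layout, letters folded to one case, and no keypad mapping for special characters; all function names and the sample password are constructed for illustration.

```python
# Added example: how a keypad-compatible hash shrinks the search space.
# Assumptions (not from the thread): E.161 letter layout, case-folded
# letters, special characters not modelled.
from math import prod

KEYPAD = {"2": "abc", "3": "def", "4": "ghi", "5": "jkl",
          "6": "mno", "7": "pqrs", "8": "tuv", "9": "wxyz"}
LETTER_TO_DIGIT = {ch: d for d, letters in KEYPAD.items() for ch in letters}

HASH_RATE = 16_000e6  # hashes/second, the MD5 figure quoted in the thread


def to_keypad(password: str) -> str:
    """Map a password to the digits a phone keypad would send."""
    out = []
    for ch in password.lower():
        if ch in "0123456789":
            out.append(ch)
        elif ch in LETTER_TO_DIGIT:
            out.append(LETTER_TO_DIGIT[ch])
        else:
            raise ValueError(f"no keypad mapping assumed for {ch!r}")
    return "".join(out)


def preimage_count(digits: str) -> int:
    """Number of case-folded passwords that map to this digit string."""
    # Each position is either the digit itself or one of its letters.
    return prod(1 + len(KEYPAD.get(d, "")) for d in digits)


def seconds_to_exhaust(candidates: int, rate: float = HASH_RATE) -> float:
    """Worst-case time to hash every candidate at the given rate."""
    return candidates / rate


def two_stage_cost(password: str) -> dict:
    """Compare a direct search with one that goes via the keypad hash."""
    digits = to_keypad(password)
    n = len(password)
    return {
        "keypad_digits": digits,
        "numeric_stage_s": seconds_to_exhaust(10 ** n),
        "recovery_stage_s": seconds_to_exhaust(preimage_count(digits)),
        "direct_alnum_s": seconds_to_exhaust(36 ** n),  # a-z plus 0-9
    }
```

For a 12-character password the numeric stage comes out at 62.5 seconds at the quoted rate, while a direct search of the case-folded alphanumeric space would take on the order of years, which is why storing only a single salted, slow hash of the full password is the safer design.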