Or the antique Bell candlestick rotary phone that my mom has, still hard-wired into a phone nook inset into the plaster walls during construction nearly 100 years ago. And that bad boy still works flawlessly.
I then wonder if these passwords are even less secure since the backend system would have mapped {A,B,C}=1 at some point for the dialer system to work. so my password "CaB" would be the same as "cab" and "CAB" and "ABC" and "111", etc.
since the backend system would have mapped {A,B,C}=1
Not necessarily. For all we know, Sabre could have scooped T9, and transmitted a "C" by sending three single pulses, or an "N" with two groups of six. (We're talking about the days of rotary phones, not touch-tone, remember.)
Random tidbit: The "1" digit on a telephone has no letters associated with it; "2" is assigned "ABC".
(This was burned into my brain years and years ago while watching a "Jeopardy!" episode, in which this mistake caused all three contestants to lose the final round.)
This entropy loss is standard. Try calling the country's leading 401K provider or other banks, they'll ask for your password over the phone keypad.
Because of this, most people cannot have punctuation in the password (not on phone keypad), and aB2CaCb becomes 1111111. So much for 104 keys on the keyboard.
the fidelity case scared me years ago. amazed they still do that, but I can also imagine that they have a system that only allows the crazy phone mapping when validating over the phone an policy around that on how many times you can try, phone number you try from, etc to minimize brute force attacks to counter the loss of entropy.