[eli]

Sure, maybe. But you're guessing at how the system works and how it's used and what the constraints are...

Maybe Jetblue's developers a bunch of lazy dummies who couldn't think up the solution in your comment... But my experience suggests to me that they're much more likely to be perfectly competent and that there's simply more to the problem than is apparent from the outside.

[Lagged2Death]

But you're guessing at how the system works and how it's used and what the constraints are...

I was attempting to come up with a layer that would paper over any constraints of the underlying system, but you're right that I'm guessing.

Maybe Jetblue's developers a bunch of lazy dummies...

I would never be as harsh as that. I would guess that this sort of thing is a matter of institutional culture. Nonsensical password rules are extremely common. The organizations responsible are doubtless full of individuals who know they're not optimal, but fixing the password rules is never on the top of anyone's priority list. And once you've gone live with the bad password arrangement (as you well might under schedule/budget pressure), it becomes hugely more difficult to change things.

[chavesn]

That's quite generous of you. I don't think there's any more reason to assume they are competent than to assume they aren't.

The fact is that this sucks for the user. It's also a pretty safe bet to say that there are lots of developers putting code into use solving problems outside their competency. You may not want to assume this evidence makes them terrible developers, but that doesn't make the inverse any more likely, either.

[eli]

Thanks. As I said, it's based on my experience.

I used to think most other programmers were bad and most legacy systems were terrible, until I had to design and maintain one that lasted for years myself...