search

duffn / dumb-password-rules

A compilation of sites with dumb password rules.
https://dumbpasswordrules.com
MIT License
2.99k stars 296 forks source link

Citibank Online #171

Open HyperTurbo opened 5 years ago

HyperTurbo commented 5 years ago

Citibank's online account passwords are NOT case sensitive. I do not know how someone would document/add a screenshot for this. It's been this way for years.

duffn commented 5 years ago

Wow, really? That's awful.

If you want to take a stab at a PR somehow showing this, that would be great.

Et7f3 commented 5 years ago

Try to create fake account with passord InUPPERCASE and show login with inuppercase. THe rule for login id are silly. image

HyperTurbo commented 5 years ago

It looks like I can't properly make a new account without opening a new bank account, and I obviously don't want to use my own account. I don't live near a citibank anymore, or I could go in person and be a weirdo and see if they can put me in contact with a tech support person who can confirm this via email or something? I don't know. I think the underlying reason (and this must be true for other old banks) is the mainframes used to store account data simply can't support it and there was no reason to because passwords would be entered by phone. Also they're too old to be worth the cost of migrating forward. As of 2017 Chase, Wells Fargo, Capital One, and American Express have account types that also have this issue. I'll keep digging and see if I can find any official documentation or try to get some kind of emailed confirmation from citibank(lmao unlikely).

On Sat, Sep 7, 2019 at 9:16 PM Et7f3 notifications@github.com wrote:

Try to create fake account with passord InUPPERCASE and show login with inuppercase. THe rule for login id are silly. [image: image] https://user-images.githubusercontent.com/29592775/64481916-1024ab80-d1e7-11e9-89c0-7c4a4e9a387f.png

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/dumb-password-rules/dumb-password-rules/issues/171?email_source=notifications&email_token=AJHYTPRZJ2YZDM4M7QUKKADQIRG7RA5CNFSM4IUKGN32YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6FFNSA#issuecomment-529159880, or mute the thread https://github.com/notifications/unsubscribe-auth/AJHYTPWJ7HL4I3OTDCXX5X3QIRG7RANCNFSM4IUKGN3Q .