Aggregator

Our submitter, Gearhead, was embarking on STEM-related research. This required him to pursue funding from a governmental agency that we’ll call the Ministry of Silly Walks. In order to start a grant application and track its status, Gearhead had to create an account on the Ministry website.

The registration page asked for a lot of personal information first. Then Gearhead had to create his own username and password. He used his password generator to create a random string: D\h.|wAi=&:;^t9ZyoO

Upon clicking Save, he received an error.

Your password must be a minimum eight characters long, with no spaces. It must include at least three of the following character types: uppercase letter, lowercase letter, number, special character (e.g., !, $, % , ?).

Perplexed, Gearhead emailed the Ministry’s web support, asking why his registration failed. The reply:

Hello,
The site rejects password generators as hacking attempts. You will need to manually select a password.
Ex. GHott*01

Thank you,

Support

So a long sequence of random characters was an active threat, but a 1990s-era AOL username was just fine. What developer had this insane idea and convinced other people of it? How on earth did they determine what was a "manually selected" string versus a randomly-generated one?

It seems the deciding factor is nothing more than length. If you go to the Ministry’s registration page now, their password guidelines have changed (emphasis theirs):

Must be 8-10 characters long, must contain at least one special character ( ! @ # $ % ^ & * ( ) + = { } | < > \ _ - [ ] / ? ) and no spaces, may contain numbers (0-9), lower and upper case letters (a-z, A-Z). Please note that your password is case sensitive.

Only good can come of forcing tiny passwords.

The more a company or government needs secure practices, the less good they are at secure practices. Is that a law yet? It should be.

[Advertisement] Plan Your .NET 9 Migration with Confidence
Your journey to .NET 9 is more than just one decision.Avoid migration migraines with the advice in this free guide. Download Free Guide Now!

Bonfire Night descended into chaos in Liverpool as Merseyside fire crews were hurled with fireworks as they attended a tower block blaze.

Even offers refunds if users sign up for AI they don’t want, once it fixed a bad link

Updated  Microsoft Australia has apologized to users of its M365 suite after regulators accused it of steering them towards pricey bundles that include its Copilot AI service.…

Terrifying footage from the scene showed a ball of flames growing in the distance and rising up into the air as firefighters tried to tamp down a blaze.

My experience of Guy Fawkes Night for the first time, I wasn't quite sure what to expect when I arrived at Colchester Castle Park on Wednesday evening.

A Kelvedon plumber has won content creator of the year award at the On The Tools Awards for 2025.

Here are six of the pets at RSPCA sites in Essex who would love to find new homes.

My experience of Guy Fawkes Night for the first time, I wasn't quite sure what to expect when I arrived at Colchester Castle Park on Wednesday evening.

Here are six of the pets at RSPCA sites in Essex who would love to find new homes.

Plans could be submitted later this year with a decision midway through 2026

The actress, 49, looked incredible as she attended the photocall for Now You See Me: Now You Don't in London on Wednesday night.

Dave Scott, 57, was waiting to pick up his daughter at the railway station in Cambridgeshire on Saturday evening when he says a man with a knife approached his vehicle.

It comes as new research reveals that more than half of our military personnel restrict contact with loved ones when they are stationed abroad because they can't afford it.

Jean Guillot, 35, was in custody accused of 'attempted murder' following the Wednesday morning rampage on Oléron, off France 's western Atlantic coast.

Natalie Chadwick, 27, struggled to confirm her name, age and address while in court charged with killing Luke Harden. She is accused of one count of murder with co-defendant Bhekisani Matabiswana.

The Duke of Sussex denied deliberately trying to overshadow his older brother through his own pseudo-royal tour.

A study of 2,000 motorists found 86 per cent of men feel safe driving, compared with 78 per cent of women.

Other staff members at the public broadcast have shared concerns that a 'small group of people' are keeping anti-transgender 'perspectives off the air'.

Since April, more than 100 people have been injured and at least 12 killed in bear attacks across Japan, according to Environment Ministry statistics at the end of October.

The dog which killed a nine-month-old baby in Rogiet, Wales, on Sunday was an XL Bully which had been registered before the ban on the breed came into effect.