I feel like work passwords are just always the worst security you will ever see, which sucks because you would think they would be the most important security.
I had a job once that you could put a password in and it was across multiple intranet services
Some services wanted the password case sensitive. Some wanted the password either as all caps or all lowercase.
So anytime you put your password in, you essentially had to put the password in up to three times unless you knew how that service had it.
Documentation would have please put password in as all caps or please have password completely lowercase
Honestly, there was an unwritten rule that when you put your password in, you just did it in all caps. That way you only had to try two different passwords instead of three different passwords if you couldn’t remember what service it was.
Very concerning for comp sec. Fortune 100 company as well.
I feel like work passwords are just always the worst security you will ever see, which sucks because you would think they would be the most important security.
I had a job once that you could put a password in and it was across multiple intranet services
Some services wanted the password case sensitive. Some wanted the password either as all caps or all lowercase.
So anytime you put your password in, you essentially had to put the password in up to three times unless you knew how that service had it.
Documentation would have please put password in as all caps or please have password completely lowercase
Honestly, there was an unwritten rule that when you put your password in, you just did it in all caps. That way you only had to try two different passwords instead of three different passwords if you couldn’t remember what service it was.
Very concerning for comp sec. Fortune 100 company as well.