Culture

One Site Is Highlighting the Internet’s Dumbest Password Rules

The appropriately named Dumb Password Rules highlights 286 sites with maddening password restrictions

By Kirk Miller
March 3, 2023 11:41 am
Close up on screen of website sign in button
Your password must be between 8-20 characters with randomly infuriating restrictions
SEAN GLADWELL / Getty

If you’ve ever gone to, well, any website ever, you’ve probably been prompted to open an account and create a username and password. And every site/company has a different methodology for creating those log-ins, with varying rules about capital letters, special characters and password length that make the sign-in process burdensome (and often no safer). This is why we salute the existence of Dumb Password Rules.

DPR was created by a software engineer who goes under the username duffn. “I get very annoyed when I encounter a dumb password rule in the wild,” they write. “One day, I had enough and wanted to let everybody know how dumb these rules are.” (H/t View From the Wing for highlighting the site and bringing it to our attention.)

Reminder: Don’t Use Your Pet’s Name as a Password
Reminder: Don’t Use Your Pet’s Name as a Password
 Here are a few best practices for keeping your online data safe for World Password Day, at least before we reach our password-less future

There are currently 286 sites on Dumb Password Rules, running the gamut from banking to travel to health. Each one features a screenshot of the site log-in and a brief explanation of the password, uh, dumbness. For example: Ameli, a French healthcare site, requires the following for creating a password:

  • The password must be more than 8 characters
  • But you cannot use more than 13 characters
  • You can only use digits
  • You cannot use your birthdate or your login
  • You cannot use a sequence of digits (if your password happens to contain 56 or 89 it will be rejected)
  • You cannot repeat the same character (if your password contains 22 or 55 it will be rejected)

Not all of the sites listed are as egregious as that one, but most are certainly annoying — Bank of America, for instance, requires a number, uppercase letter, lowercase letter and limits (but doesn’t completely ban) special characters for its 8-20 character password.

Keeping your information safe is important, but frustrating customers at the same time shouldn’t be the goal. For users, there are plenty of good tips on how to pick a safe password, but if sites aren’t going to allow some of these best practices, they’re not working in your best interest. (In any case, do get a password manager; we personally like Dashlane, but there are others.)

So, what if you’re one of the companies that made this list and want to be removed? Per duffn: “If you’ve fixed your dumb password rule, awesome! I’ll happily remove entries that have been corrected. Please open a pull request to have your entry removed on GitHub.”

More Like This

Close up, cropped shot of young woman sitting on the bench in urban office park working outdoors, logging in to her laptop and holding smartphone on hand with a security key lock icon on the screen. LastPass, a password manager, was recently hacked.
What Do You Do When Your Password Manager Gets Hacked?
stock photo of Young Asian woman logging in to her laptop and holding smartphone on hand with a security key lock icon on the screen, sitting in the living room at cozy home. Password security for corporations was recently called out by Dashlane.
These Companies Had the Worst and Dumbest Password Breaches in 2021
A man using a laptop in Turkey. (Photo by Aytac Unal/Anadolu Agency/Getty Images)
The Passwords Most Likely to Get You Hacked

Culture
Kirk Miller is InsideHook's Senior Lifestyle Editor (and longest-serving resident). He writes a lot about whisk(e)y, cocktails, consumer goods and artificial intelligence.

Most Popular

Bare-knuckle boxer Bobby Gunn
Excerpt: Meet Bobby Gunn, a Bare-Knuckle Boxing Father of Two
Head coach Sean McVay of the LA Rams.
No First-Round Draft Pick? No Problem for the Rams.
Louis Villegas, owner of Big Ice HTX, pulls out a tray of ice cubes on Monday, Aug. 28, 2023 in Houston. Big Ice HTX creates and sells luxury ice, clear ice cubes with logos or other edible items added to it for bars wanting a more unique presentation
We’ve Hit Peak Cocktail Ice
Luke Little of the Cubs pitches against the Houston Astros.
MLB Treats Pitcher’s American Flag Patch Like Sticky Stuff
Two men, one a Republican and one a Democrat, sitting at a coffee shop in an illustration. We spoke with two men, one a Trump voter and one a Biden voter, about how they became friends despite political differences.
One’s a Conservative, One’s a Liberal. Here’s Their Secret to Friendship.
An illustration of Boston Bruins goalies Jeremy Swayman and Linus Ullmark doing their trademark post-game hug
The Man Hug That Could Go Down in Hockey History

The InsideHook Newsletter.

News, advice and insights for the most interesting person in the room.

More Culture, Right This Way

Bill Maher and Robert F. Kennedy, Jr.

Bill Maher Defended Vaccines on This Week’s “Real Time”

World Cup signage

It Might Already Be Too Late For Some Fans to Get Visas for the 2026 World Cup

Laiatu Latu poses with NFL commissioner Roger Goodell.

NFL Draft’s First Round Was Offensive for Defensive Players

Michael Penix Jr. reacts after the beating Utah Utes.

Michael Penix Jr. Was the Biggest Shock of the NFL Draft. We Spoke With Him.

Explore More Culture

Keep Reading

An illustration of three young men after a soccer match next to the words "I Love You." We discuss the difficulty straight men still have expressing their love for their male friends.

Three Words Straight Guys Still Can’t Say to Each Other

A whiskey thief pouring bourbon from a barrel into a Glencairn at Bardstown Bourbon Company

For Whiskey Geeks, “Sourced” Is No Longer a Dirty Word 

Regardless of what kind of traveler you are, California has a park for you.

Which California National Park Is for You?

people dancing in a nightclub, orange dim lighting

The Best Bars in Dallas’s Bishop Arts District