One can only hope. But based on my experience, they usually do not. I once sent an email to Microsoft telling them that their Microsoft account app had a vulnerability, and I even sent them the XML line they needed to add to their Android Manifest to fix it, and they wouldn’t do it because it required physical access to the device to exploit. I mean, that’s fair enough, but it was literally one line of code to plug the hole.
They eventually did add that line about 6 years later.
I remember about 2015 (?) In the vicinity anyway, PayPal has a 12 character MAXIMUM on their passwords.
PayPal, you know the place where you can literally transfer all the money. A 12 character MAXIMUM
I emailed them to suggest they change this requirement. And they replied saying that 12 characters was sufficient if you used special characters and numbers.
I was changing my password on a pretty big company website the other day.
The password generated by my password manager kept giving me a http error (500 I think)
I generated a new password and deleted all the special characters other than the obvious ones. Boom, worked first time.
So looks like someone is not sanitising their inputs properly.
I sent them an email so hopefully they will fix.
Password1’); DROP TABLE Passwords;–
Robert’); DROP TABLE Students;–
One can only hope. But based on my experience, they usually do not. I once sent an email to Microsoft telling them that their Microsoft account app had a vulnerability, and I even sent them the XML line they needed to add to their Android Manifest to fix it, and they wouldn’t do it because it required physical access to the device to exploit. I mean, that’s fair enough, but it was literally one line of code to plug the hole.
They eventually did add that line about 6 years later.
It boggles sometimes.
I remember about 2015 (?) In the vicinity anyway, PayPal has a 12 character MAXIMUM on their passwords.
PayPal, you know the place where you can literally transfer all the money. A 12 character MAXIMUM
I emailed them to suggest they change this requirement. And they replied saying that 12 characters was sufficient if you used special characters and numbers.
Glad they have finally changed it now.
My bank has an 8 character limit. Not minimum, limit
God thats horrible