Posts about password-failure
Password fail: Flying Blue
Yesterday I received an e-mail that Flying Blue moved away from their 'pin' (a few digits only) password for online services. My initial response was being very pleased about this move. I've just changed my pin to a password, but... See the screenshot below for the password restrictions. facepalm
Password fail: Delta Lloyd
While resetting my password at DeltaLloyd the following password failure was shown:
Password fail: Examslocal
While resetting my password at Examslocal the following password failure was shown:
Password fail: Aliexpress
After my Dutch rant, now it is time to do an English one. I've noticed (generally speaking) that customer support does not reply to messages about password insecurity. Since these kind of security flaws do not get fixed, perhaps mentioning them out in the open is the way forward. Nowadays 'social media' are 'news' sources and they respond best to a 'drama' type of news. So let's give that a try, in the hope that the insecurities get fixed and we all get a more secure and safer future.
Today I created an account at AliExpress and noticed the following:
Password fail: Evides
Het is zover, ik ben er helemaal klaar mee. In de afgelopen jaren heb ik zeer regelmatig een mail naar de klantenservice van verschillende partijen gestuurd over dit soort fouten, maar daarop kreeg ik nooit een reactie. Gezien dramavoetbal, soms gefaciliteerd door "social media", soms door "nieuws", tegenwoordig blijkbaar beter werkt, kan ik net zo goed hierover bloggen. Misschien dat iedereen hiervan kan leren en we uiteindelijk betere en vooral veiligere systemen krijgen.
Vandaag heb ik een account aangemaakt bij Evides en zag ik deze prachtige meldingen onderin: