Sounds a lot like my bank. 5 characters of 0-9 is exactly what they validate the... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		randomdata on Aug 28, 2012 \| parent \| context \| favorite \| on: How I cracked my neighbor's WiFi password without ... Sounds a lot like my bank. 5 characters of 0-9 is exactly what they validate their passwords on. Luckily that validation is done only in Javascript, so disabling the check allows you to use any password you want. That doesn't help the average person though.

0x0 on Aug 28, 2012 | [–]

So you actually tricked the server into setting a password it usually wouldn't accept? Uh oh, hope they don't "fix the problem" by adding similar validation on the server side later :P

DanBC on Aug 28, 2012 | [–]

I would ask "Why are they still your bank?" but I know that most online banking is similarly awful.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact