This looks like Hyundai Bluelink, and if it's not, then it has the exact same issue. The old password was a generated password provided by support.
Whatever site that is, make sure you use a burner email, burner pw (if you get it to work) and joe doe contact info.
To me it looks like their frontend guy just copy/pasted the password field with all validation over without thinking twice. I wouldn’t say this speaks to their general security competence.
Burner PW?
Just use a manager.
Been there, seen that. I got a login into the mainframe of the hospital I was working at. After the first login, it prompted me to change my password. So I did. It had a field width of 12 characters for the password which I used completely.
I logged out and tried to log in again. And found that the login screen password field only allowed for 8 characters.
I got my password reset, chose a new one with only 8 chars, and the first thing I did after completing the login process was to file a bug report. My boss was completely shocked when she got a copy of the report (basically asking who the f-ck is complaining about the computing centers software), and even more shocked when I told her where and how to submit a bug report herself. She had a notebook listing things that had annoyed her to no end on the system...
She had a notebook listing things that had annoyed her to no end on the system...
I like this. Feedback gives me something to do. Make something better.
When you take software reuse a step too far.
Oh God horrible. Also, how did I miss subscribing here??
What if the requirement is that it doesn't match the previous password?
Edit: never mind. Tired brain.
