Hacker News new | past | comments | ask | show | jobs | submit login

How do you have case-insensitive passwords? Does it all get smooshed to lowercase before it's salted and hashed?



I think he means the password complexity policy is only measuring length, and doesn’t distinguish between upper and lower case. Not that the case doesn’t matter in the password. Just in the policy.


Don't know about employee passwords, but for Wells Fargo the online login passwords are case insensitive. I assume this is due to some legacy system somewhere, but for their system password = PASSWORD = PaSsWoRd. One of the many reasons I no longer bank with them.


Sounds like the easiest way to handle it to me.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: