My bank’s password field is case insensitive. Of course they could have lowercas... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tonyedgecombe 55 days ago \| parent \| context \| favorite \| on: GrapheneOS – Break Free from Google and Apple My bank’s password field is case insensitive. Of course they could have lowercased it before hashing but I doubt it.

abustamam 55 days ago [–]

That's scary. I wonder if incompetence like that could lead to a lawsuit in the case of a breach.

At this point I wouldn't be surprised if there exists a system that just asks for username with a checkbox "check here if you are the owner of this account"

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact