Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This question reminds me of another brain-dead and rather incredible password policy I encountered. I was trying to set a password for United Healthcare. Their password requirements were shown, and I was complying with all of them. Yet it was failing over and over.

I finally called them to report the problem, and the first question out of the rep's mouth was, "Does your password contain swear words?"

I shit you not, UHC secretly audits your passwords for "swear words." Doing so is bad enough, but not mentioning it in the rules is doubly offensive for deliberately stealing users' time.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: