Security by Customer Annoyance

Anyone who has worked with databases will understand why the following rules for picking a password, from a major bank’s online banking signup form, make a cold shiver run down my spine:

It cannot begin or end with a space and cannot include a single quotation mark, a double quotation mark, a comma, a greater-than symbol, or a less-than symbol.

Because actually, you know, making your software proof against SQL-injection attacks is too much work.
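
What the alternative looks like, as an added example (not code from this post or from the bank): the password is salted and hashed, and every value reaches the database through bound parameters, so the characters the form forbids need no special handling. The table layout, function names, sample passwords and work factor are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 200_000  # example work factor (assumption); tune for your hardware

# Constructed sample passwords using every character the quoted rules forbid.
SAMPLE_PASSWORDS = [
    "it's,<fine>",
    'say "hi", <b>bank</b>',
    "O'Brien > \"quotes\", <commas>",
]

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db

def _derive(password, salt):
    # Only this digest is stored; the password text never reaches the database.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

def register(db, name, password):
    salt = os.urandom(16)
    # "?" placeholders: values travel as bound data, never as SQL text.
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (name, salt, _derive(password, salt)))

def verify(db, name, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    return hmac.compare_digest(stored, _derive(password, salt))

def demo():
    # Register each sample, then check the right password passes and a wrong one fails.
    db = open_db()
    results = []
    for i, pw in enumerate(SAMPLE_PASSWORDS):
        name = f"user{i}"
        register(db, name, pw)
        results.append(verify(db, name, pw) and not verify(db, name, pw + "x"))
    return results

if __name__ == "__main__":
    print(demo())
```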


2 Comments

  1. To quote Nelson from The Simpsons, “HAH HAW!”

  2. Though it’s better safe than sorry. *lol*

    And a lot of sites won’t even let you use /, \, or |
