Various state and federal accessibility laws would've made that a very questionable decision for a lot of industries. Given that it would cost money simply to get programmers to implement and might lead to more costs from legal challenges I suspect a lot of sites like banks and the like would've avoided it.
Now when it comes to basically any news site, entertainment service, social media, online store, or anything else that makes extra money on ads and harvesting user data? Oh yeah, they'd implement it in a heartbeat.
ryper@lemmy.ca 1 year ago
Banking site: We’ve implemented the Web Integrity API because security is important to us. Also the banking site: Your password can only be six characters.
livus@kbin.social 1 year ago
@ryper what? That's bizarre. Is this a US thing??
ryper@lemmy.ca 1 year ago
I’m in Canada and I haven’t registered on a banking site recently, but I have definitely had stupidly low password length limits on banking sites in the past. The password from my old Bank of Montreal account that was last updated in 2015 is only 6 characters, and it’s only numbers and letters; I would have definitely had 1Password generate a better password if the rules had allowed it.
Polar@lemmy.ca 1 year ago
Tangerine used to have 4-6 digit PIN (no password) to access your online-only account.
Not sure if they still do. I believe so, though.
livus@kbin.social 1 year ago
Interesting. I'm in New Zealand and my bank passwords are all proper length and characterset. They also have 2FA.
I always thought it was just the US that has an antiquated banking system.