
Ask HN: Is there a public shaming list for websites with bad password policies? - coreyp_1
I use password generation algorithms, so that I can have unique but memorable passwords to every site that I use.  (NOTE: I don&#x27;t like using random password generators, because I often have to access sites from different computers, and password keepers are not always conducive to this.  For that matter, I prefer to be the only one who knows all of my passwords!)<p>Sometimes websites have password policies that I&#x27;m sure they believe to be enforcing security, when in reality it requires me to use a less-secure password than I otherwise would.  I got bit by this again last night, and I want to do something to let these companies know that their password policies are limiting security at best, and at worst indicate poor password storage procedures.<p>Quite frankly, I would like to name-and-shame them somewhere, and I assume that here is as good a place as any.  Please add to this list (or point out another place where their misdeeds can be publicly aired!).<p>walmart.com limits my password to 12 characters. (also implies that passwords are stored in a retrievable manner)
======
clishem
[http://password-shaming.tumblr.com/](http://password-shaming.tumblr.com/) is
pretty good. I recall at least one other such site.

------
mtmail
Related [http://plaintextoffenders.com/](http://plaintextoffenders.com/) I
submitted a couple over the years.

