-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I was going to buy my nephew a savings bond for his birthday (he is one, what else can you really get him?) and I was trying to sign up on treasurydirect.gov and was appauled by the security so I thought I would share.
First they have all these different rules regarding what you must have in your password (which I always think is dumb, let me pick my own password), however they limit you to 16 characters. Then I go to login and find out that the password isn't case sensitive (which makes me question if it's being hashed), and their "security" is that you can't type your password you have to use their onscreen keyboard (which can easily be fixed by opening up web dev tools and removing "readonly="readonly" " from the input field. http://cl.ly/PYNw I am just saying that I wish the government body which is in charge of money stuff would be a little smarter with their development. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCgAGBQJRthu0AAoJEES9cOv0A0l0Me8IALPQPYYSdrriOxg0iw0n8xAV y0pzSChhl0GUvDA9GtD5WEgmEBrQD/Sarj8cly8txfUrxdXtQk1cZcw4dvlIVY/K Knbfwqgsg+IZl+kret818eo3ZuNPRbI3uJkO5Kb1DK1jT3E7tV7Go9EsCZCHFzlv bD5X7LpOQZruiwLMQ/DRGfQjeHTBRkrfJzJwRJUwGlHFqxRh4gRF8zycVDA/eQz1 lbf1O1ooxEX1Jj2anj8KImpRGAQk+yhl3g4/zgmLtZ8jtDXzh9hq91xLk5pUHI5a JS4l7MuhZHdpnT+kHsxx00ta+ZBaZsBEuKqXbz3knkwM01db2R36YRimISxqZFc= =3+jt -----END PGP SIGNATURE----- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech