Tuesday, September 3, 2013

United Healthcare audits your passwords for swears

You'd think that setting up a user-registration page with reasonable validation rules would be pretty easy.  But as we've seen, there apparently aren't enough sensible people available to do this work.

United Healthcare takes the incompetence to a new level by judging the vulgarity level of your password.  And the best part is that they keep this policy a secret.



So not only does United Healthcare inappropriately examine confidential passwords for their semantic content, but UHC also deliberately wastes customers' time by not telling them why their passwords are rejected time after time, despite following the rules spelled out on the page.

And they know the policy is causing problems, because if you call their support line and tell them your new password is being rejected, the first question they ask is, "Does it contain curse words?"

Of course the appropriate question for you to ask in response is, "What business is it of yours?"

No comments:

Post a Comment