I think that password case is a separate issue. If I remember correctly, many on... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gregsadetsky on Dec 28, 2021 \| parent \| context \| favorite \| on: Ask HN: How did my LastPass master password get le... I think that password case is a separate issue. If I remember correctly, many online services do "secretly" accept mixed cases for the same password (because users make more mistakes than they realize and it would be "annoying" to be too strict) If you didn't receive a "Someone just used" email (with an IP that's completely geographically off from where you are) that's a good sign, of course.

zdragnar on Dec 28, 2021 [–]

I tried pushing back on just such a request once, pointing out it made of of the password "security" requirements pointless (use mixed case letters).

"But famous company X does this, it is really convenient for users!" was all the response I got. All I could do at the time was (internally) shake my head.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact