Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a password rule for citiretailservices.citibankonline.com #617

Closed
wants to merge 1 commit into from
Closed

Add a password rule for citiretailservices.citibankonline.com #617

wants to merge 1 commit into from

Conversation

Sameesunkaria
Copy link
Collaborator

@Sameesunkaria Sameesunkaria commented Jun 21, 2022
edited
Loading

Overall Checklist

for password-rules.json

  • The given rule isn't particularly standard and obvious for password managers
  • Generated passwords have been tested from this rule using the Password Rules Validation Tool
  • Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
  • The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

I wanted to give the password rules for citiretailservices.citibankonline.com a go. The rules differ from citi.com (#605). Password rules for Citi retail services seem to appear in two issues, #585 and #611. I have copied over the screenshot and video showing the password rules from the respective issues.

screenshot of password rules for citiretailservices.citibankonline.com

FullSizeRender.MOV

Rules

Here is a textual version of the rules:

Password Requirements
• Between 6 and 32 characters
• Include 1 letter and 2 numbers
• Cannot include 2 spaces in a row
• Cannot use special characters (~ , & , ( , ) , “ , < , > , ` , = , ‘ , : , ; , / , \ , | or ,)
• Must be different from User ID
• Different from your existing password and does not match any of your last 6 passwords

Additional quirks

  • The password rules demand that two spaces should not appear consecutively. I could not find a way to express that in the password rules language. To avoid specifying a general max-consecutive: 2, I decided to not include space in the allowed custom character class.

  • The password rules disallow a good number of special characters. I have added all the special characters specified in the customizing password autofill rules documentation that were not explicitly disallowed by the password rules.

🚨 Note: I am not able to test the passwords generated by the Password Rules Validation Tool myself, as I do not have an account with Citi retail services.

@snicolai-blog and @jcordeal, would you be able to help test the validity of the new password rule?

Thanks in advance :)

Closes #585
Closes #611

@dmmaslenn
Copy link
Collaborator

@snicolai-blog @jcordeal were you able to validate this fix?

@dmmaslenn
Copy link
Collaborator

Since we haven't heard back from anyone for a while I'm going to close this pull request.
@Sameesunkaria please feel free to open a new pull request

@dmmaslenn dmmaslenn closed this Oct 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Strong Password Doesn’t Comply with Citi Retail Services Policy LLBean mastercard at citibank rules
2 participants
@Sameesunkaria @dmmaslenn