4 comments

[ 3.4 ms ] story [ 17.0 ms ] thread
While attempting to help a family member register for an account on this credit/finance company, I noticed that amongst the password requirements was this statemant:

" We do not accept automatically generated passwords from IOS / Android"

What would be the reason for that?

It may be relevant that Creation Finance are known as a bottom-feeder type credit agency preying on people who have bad credit history. I am assuming that anything they require of their customers is somehow a dark pattern but I can't figure out what it might be here.

The most common dark pattern: stupidity.
Perhaps the autogenerated passwords do not comply with the other password requirements, and instead of reacting by rethinking their requirements, they have added that note as clarification?
I'd think so. They might have had reports "but I use the iOS feature for new password and it doesn't work" and instead of fixing they added a disclaimer that those generators aren't allowed.

1password had an initative where website owners can define the rules and their password manager program would generate it accordingly. I can't find it right now. It didn't gain traction.