Remember how I told you of a sure tip off to an insecure site? Were you looking for an in-the-wild example? Well, here it is. The very apotheosis of a bad password policy. Forget, for a moment, the ridiculous explanation for this policy. How does disabling special characters and essentially making the use of password managers impossible constitute good security policy?
These people deserve all the ridicule that the Internet can provide. Of course, the real cost will come when their database is captured, customer information compromised, and customers start suing. They will, I’m sure, express their surprise and mystification as to how it all happened.