Context is that I had to register for a lot of accounts recently and some of the rules really make no sense.
Not name-and-shaming, but the best one I’ve seen recently is I might have accidentally performed an XSS attack on a career portal using a 40-digit randomly generated password…
Not sure if it falls under the same category, but the way Activision handles (handled? I haven’t used them since) passwords was atrocious! I had to reset my password to get back into my account, I used a random diceware password, it accepted it. However! The client on both Windows and Xbox wouldn’t let you input a password longer than I believe 20 characters. So while you can set a 25 character password, you can go fuck yourself if you actually wanna log in…