Tuesday, July 24, 2012

Stupid Yahoo Password Criteria

For about a week, I've been wrestling with my Yahoo! password.  My old, but still functional, Palm Centro mobile phone has an app to connect to Yahoo mail, but it recently stopped working.  Given that it failed the day after I changed my password, one might claim that it was a self inflicted injury, but no...  it was Yahoo's fault for storing 450,000 passwords in clear text which, of course, got hacked and published.

The smart thing was to change the password.  What Yahoo failed to explain was that in order to be able to login to your account on their mobile site, you have reset your password from a desktop computer, using the password requirements for the mobile site.  Unfortunately, the password criteria checker they use is Javascript, and it is not configured with the password criteria used on the mobile site.

Bottom line:
You can use special characters !@#$, but not %^&*.
My password contained the percent sign.  I could login from my Windows and Linux machines using IE or Firefox, even using the m.yahoo.com URL to force the browser to the mobile site.  I could not login from my Palm Centro across the SprintPCS network using either the mobile browser or mail app.  Just to prove that this was not a Palm problem, I also could not login from my Android E-reader tablet.

As soon as I changed my password to use use a "good" special character, rather than a "bad" special character, all previously denied devices worked.

No comments:

Post a Comment