Last month I made a post about trying to create password for a site that implemented and insane list of password rules. At the time I pointed out that this all felt like security theater and putting up a false front to make customers feel secure even though backend security is the real problem. At the time for my own security I removed ant references to what institution this was.
Well in light of recent events I now feel like coming forward and saying it was Chase.com. Yes that’s right the same Chase.com that recently leaked gigabytes of data, from 90 servers and compromised the lives of tens of millions of customers.