Prudential WTF's



  • I was registering for my 401k account at Prudential and came across the following two WTF's. 

    <FONT color=#000000>

    1) Username requirements:</FONT>

    <FORM name=userIdForm action=userId.do?task=processUserId method=post>
    <LABEL>Create your User ID</LABEL>
    <LABEL>A secure online profile starts with a unique User ID.</LABEL>
    <LABEL>Your User ID must
    - be between 6 and 32 characters in length
    - include both letters and numbers
    - NOT include your Social Security number
    - NOT include more than two consecutive characters such as "a111111" </LABEL>

    Since when does your username have to be as secure as a password?

    2) On each screen the "Next" button is greyed out when the page loads.  But is doesn't activate when you fill everything in.  It only activates after you click on it.  So you have to click on it twice.

    </FORM>


  • Re: Prudentional WTF's

    @campkev said:

    2) On each screen the "Next" button is greyed out when the page loads.  But is doesn't activate when you fill everything in.  It only activates after you click on it.  So you have to click on it twice.
     

     

    Does a sign light up saying "Please press this button again"?

     



  • @campkev said:


    2) On each screen the "Next" button is greyed out when the page loads.  But is doesn't activate when you fill everything in.  It only activates after you click on it.  So you have to click on it twice.

     

    Sounds like it's using a JavaScript onchange event handler to enable the button. Rather childish.



  • @Someone You Know said:

    @campkev said:


    2) On each screen the "Next" button is greyed out when the page loads.  But is doesn't activate when you fill everything in.  It only activates after you click on it.  So you have to click on it twice.

     

    Sounds like it's using a JavaScript onchange event handler to enable the button. Rather childish.

     

    yeah, I went back and checked it, it changes whenever you leave the last required field.  So you either have to tab out of it, or click somewhere else for the button to work.  Annoying.


  • Discourse touched me in a no-no place

    @campkev said:

    my 401k account

    Pension fund?

    @campkev said:

    - NOT include more than two consecutive characters such as "a111111"

    That includes a lot more than two consecutive characters.

    @campkev said:

    Since when does your username have to be as secure as a password?

    Dunno, but I got the same with Legal & General (for an equity ISA(.uk) for those who can be bothered and don't know) a few years back with an investment I made with them - my 'chosen username' didn't have any numbers in. So I added a couple of obvious ones to the end. It would appear that my default password for that type of login met their requirements.

    Downside: I can remember the password - I need help remembering the username!



  • @campkev said:

    NOT include more than two consecutive characters
    So it can only have 1 or 2 characters?

    That conflicts with the first requirement.</annal>

     



  • @campkev said:

    I was registering for my 401k account at Prudential and came across the following two WTF's.



     

    So did you decide to place your 401k elsewhere or is this a company one and you have no choice?



  • @campkev said:

    2) On each screen the "Next" button is greyed out when the page loads.  But is doesn't activate when you fill everything in.  It only activates after you click on it.  So you have to click on it twice.
     

    I suspect that is because a lot of inexperienced (windows) computer users double-click on everything twice, even when a single click would be enough or a double click might even lead to wrong results*.

    For example my mom always double-clicks on a program icon in program files, even though a single click is enough.

    Of course the correct way to handle this is disable (preferebly only  during a short time) the button after a click, but I don't think it's really a WTF.

    *It was very funny watching some of my fellow CS students navigate ithrough KDE during our first year, when they had to use linux for the first time to compile assembler programs. The standard setting in KDE is to open a directory/file after one click, which let to a lot of unwillingly openend subdirs or doublely opened files.



  •  ... and that just goes to show kde developers don't give a sh*t about usability... they should have added code to ignore a second click for at least the time it would take a person to double click on something.



  • @mariushm said:

     ... and that just goes to show kde developers don't give a sh*t about usability... they should have added code to ignore a second click for at least the time it would take a person to double click on something.

    It's not a matter of not caring about usability.  KDE developers, from what I've seen, care a *lot* about usability.

    They just don't realize that people who are not them, are not them.

    On the one hand, it's a much more profound WTF.  On the other hand, it's a behavior pattern I have seen a *lot* of people have.  I sometimes even catch myself thinking that other people will want things to be similar to how I want them, despite the fact that I know this to not be true in that specific area.



  • My bank (Chase) does the "must have numbers in username" thing.  Can't have underscores though.  No,but you need numbers to make it secure.

    They also rejected "1015" as a PIN for my ATM card because it "resembles a year".  I'm not sure how that works along with the requirement that it be an integer....

    Also, why do they put so much focus on username/password complexity, but still use a 4 digit int for your pin?


  • Garbage Person

    @vt_mruhlin said:

    Also, why do they put so much focus on username/password complexity, but still use a 4 digit int for your pin?
    Because Diebold and other ATM vendors would DIE HORRIBLE DEATHS if they had to actually write code instead of just making pretty UIs in VB.net and tying it to the C libraries they wrote in 1980. And so would every other vendor makes equipment to process debit transactions. And every software vendor that touches debit transactions. And most idiots can't remember a 5 digit number. And a dozen other reasons.



  • @mariushm said:

     ... and that just goes to show kde developers don't give a sh*t about usability... they should have added code to ignore a second click for at least the time it would take a person to double click on something.

     

    It's a fully configurable setting. In fact I believe on most distro's the "windows emulation mode" (I once saw a KDE setting pack named eerily similar to that in a distro). I'm not really sure how GNOME behaves either (altough my netbook currently runs ubuntu netbook remix, I really recommend it)* but I think it's the same.

    * I don't notice that sort of thing anymore, I just... adapt



  • @Weng said:

    Because Diebold and other ATM vendors would DIE HORRIBLE DEATHS if they had to actually write code instead of just making pretty UIs in VB.net and tying it to the C libraries they wrote in 1980.
    VB.net?! They use broken HTML around here (with horribly misaligned text, and an interface that changes to "Please insert card" about half a second after you insert it, and stays this way for about 5 seconds while it does something with the card).



    And my bank also has the number requirement in the username (and they disallow changing the PINs "for my own security" - this is what the customer service told me).



  • @vt_mruhlin said:

    Also, why do they put so much focus on username/password complexity, but still use a 4 digit int for your pin?

    Not every bank does this.  One of mine allows the PIN to be between 4 and 8 digits.  Actually, they allow it to be between 4 and 8 "characters", as long as you can type those characters on the digital keypad found on ATMs and debit card machines.

    A lot of ATMs and debit card machines do include letters in the telephone layout, but some put Q and Z on the number 1, while others put Q on 7 and Z on 9.  So if you have a Q or Z in your PIN, you might have to try again if the bank does it one way and the ATM or card reader does it the other way.

    davidh


Log in to reply