Bredbansbolaget, one of swedens largest broadband provider owned by Telenor, has a remarkable lousy password policy.

The password has to be between 5 and 8 characters, and valid characters are a-z, A-Z, 0-9 and _ (underscore).

With your username and password you can access your personal information, your e-mail, buy music, videos and lots of stuff and have it all on you internet bill.

Having this bad password policy goes against all recommendations nowadays and I think they really should consider changing it. Of course I am aware of that they will have less consumer support of people forgetting their password and things like that, but as a customer - should I feel safe? Guess not!

Worht mentioning is that a few months ago they sent out a flyer using regular mail with some information on their new online music shop. The flyer was a folded paper with a small piece of tape holding it folded. The flyer contained your username and password easily visible by just opening the corner of the flyer!