Sparkasse Website
„Sparkasse“ is a group of banks which is pretty popular in Germany. It calls its passwords „PIN“ („persönliche Identifikations-Nummer“ — personal identification number), the rules are pretty horrific and its not even a number, even though it is called as such! Here is a screenshot from the branch where I am from (Jena, Germany), but since they have a central IT, I think it will be identical in other branches:
The rules are as such:
- Only 5 characters
- Small letters (a-z)
- Large letters (A-Z)
- Numbers (0-9)
- „Special“ characters: ä,ö,ü,Ä,Ö,Ü and ß (Not surprising for a german Company)
After the rules there some hints on how the password should not look like:
- Combinations of your initials and the birth year
- Your phone number or parts thereof
- Your zipcode
- Common combinations like 123ab or 55555
- Full or parts of your login credentials
They also have this Android app for 2FA (called Push-TAN), but the rules are different:
- At least 8 characters
- At least one digit
- At least one special character
- Upper- and lowercase letters