I was playing around a month or 2 ago with my login password for the web based email of my ISP.
My password was 10 characters long so just for fun I typed in 9 of them. I got in. Then I tried 8, I got in. All the way down to 5 before I didn't get in. Mind you, temp files and cookies were deleted before each attempt.
I called them (Local Co.) with another issue then asked about this odd password behavior. The guy thought I was kidding. The next day he emailed and said he tried it with his own password and got in like I did. He suggested to add some special characters to stop this behavior (should not have too). I changed to a cap letter at the 7th digit of my password, and added an additional 4 numbers. I can still get in as long as I type just past that cap letter leaving the others off. In other words, my password is 14 characters long with a capitalized letter at spot 7 followed by 7 other digits both numbers and letters and all I have to do is type up to and including the capitalized letter to gain access to my email.
Anyone ever tried this with their ISP? I asked for it to be looked into and repaired, but have never heard a word back.
I may try adding a special character at the end to see if that does the trick, but why should I have to do this? I may even publicize this being they are a local company. I bet the get on it then.