I had found their accounting methods to be...not necessarily straightforward or well documented...so I decided to log in to their site every single day and download a PDF summary of the loan principle and interest balances. That way, I at least have a record over time of what they've done. Once I've collected enough data, I intend to go back and get a full understanding of how they're accounting for everything. Easy as pie, copy and paste my username/email address and password, click download, save a dated copy of the report and be done for the day.
Anyways, one day I found that I was unable to paste, so I chalked it up to a bug. A few days went by and I finally contacted their support team notifying them of the bug. They responded that their developers said that “By allowing users to paste a password into Manage My Account, the password is not being subjected to the edits in place to ensure that the password meets security requirements. Although it does not rule out all attacks, it does help to prevent automated attacks.” I found this to not be a satisfactory explanation, so I politely informed them in a detailed manner that passwords meeting security requirements had nothing to do whatsoever with the process of logging in and that their change had made for a very unpleasant user experience. I didn't hear anything back for a couple of weeks, but then they responded saying that they would make the change back to the original functionality within a couple of months...and they did!
"A car is just a big purse on wheels." -- Johanna Reynolds