DVLUP
March 22, 2026

Password Purgatory, a C# Scammer Trap

Posted on March 22, 2026  •  2 minutes  • 339 words
Table of contents

This is a reimagined version of Troy Hunt’s Password Purgatory ; written as a dotnet app and automatically published to Azure. It is not a 1:1 recreation of Troy’s, but maintains its spirit, see all the source code on GitHub at dotnet-password-purgatory

Just imagine, thousands of dollars is only a button click away, but your password keeps failing because of with the following rules:

  1. image
    • First entry form seems normal, some standard client-side validation to make sure I complete both fields.
  2. image
    • Okay, so I didn’t have a number in my password…
  3. image
    • Whoops, maybe I shouldn’t have just jammed a “1” on the end of the password…
  4. image
    • Ugh, okay, an upper-case character (starting to feel annoyed).
  5. image
    • This seems my own fault, nothing lets you use short password anymore.
  6. image
    • Wait, what? This is starting to seem like I’m being given the run-around… but adding ‘dog’ to the end is easy enough…
  7. image
    • Really, cat? Okay, three letters, lets add it and keep going because I want to see where this is going.
  8. image

If they keep going…

… and, then, it gets much worse from here 🤣

Go ahead and try it, see how far you get https://partnership.dvlup.com/ (you already have a headstart).

Educational Takeaways

Why would I bother doing this? there are some great lessons to learn while implementing and deploying it. This is a .NET Blazor app, published as an Azure Container app.

This wasnt a huge effort, but it is still giving me plenty of laughs and I hope you take away something in the journey.

Follow me on your preferred social network =>