pull down to refresh

I'd be interested to know what their password requirements were. I'm sure there's plenty of arguments that they could have forced better password best practices if they tried.