What kind of retarded password system doesn't allow special characters and caps at 8? Seriously.
Oh, what's great is that about 6 or 7 years ago, I figured out that the old outdated software used to encrypt passwords on one of the primary systems I work on at my job actually encrypts multiple characters to the same encrypted character. This meant that I could substitute one character for another and the login screen would accept the input. So, for example, '2' encrypts to the same character as '3', so 'TEST2' and 'TEST3' can be used interchangeably as passwords, ie, if your password was 'TEST2' you could enter either 'TEST2' or 'TEST3' and the system would accept either one. And that's just one example, I figured out others. We're only just now getting around to upgrading to new encryption.
Fortunately, I work on a system that has a lot of other security features in place, and the software in question is only accessible by our clients (ie banks), who have direct connections to our mainframe.