Cybersecurity - Memes

1975 readers

2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

[email protected]

Password length requirement (feddit.org)

submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

151 comments fedilink hide all child comments

Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 3 months ago (5 children)

The answer is always a poorly coded database. :(

[–] [email protected] 0 points 3 months ago (4 children)

What? The password should only receive the hashed password, and that's gonna have a fixed length. What's stored in the db should have the exact same length whether the password is 2 characters long or 300. If the length of the password is in any way a consideration for your database, you've royally fucked up long before you got to that point.

[–] [email protected] 0 points 3 months ago

You are expecting a lot from someone who thinks a password needs a low maximum length. It makes sense to limit password length to avoid dos attacks, but certainly to something longer than 16.

load more comments (3 replies)