• @orclev
    link
    English
    312 days ago

    Go all in, 1024 character password.

    • @[email protected]
      link
      fedilink
      English
      472 days ago

      They’ll accept it, but won’t tell you they ignored everything after character n, and their login page won’t take anything but the “correct” password so you’ll be spending some time figuring out the actual character count limit…

      • ERROR: Earth.exe has crashed
        link
        fedilink
        English
        252 days ago

        No, they’ll accept it. Then on the log in page tell you the max limit is X, even though on the password creation page, the password length you used was X+Y

      • Kaity
        link
        fedilink
        English
        72 days ago

        Even worse the password was accepted in full when registered, but the login field won’t accept the full length.

        • @[email protected]
          link
          fedilink
          English
          21 day ago

          Not a big surprise, they did the same with Windows 98. Everything after the first 14 was silently dropped.

    • @[email protected]
      link
      fedilink
      English
      11 day ago

      Bcrypt/Scrypt have a 72 byte limit. Developers can get around that by putting it through a regular hash first, but that’s not common.