What kind of maniac would use a password that’s longer than 60 characters?
I get that password managers are standard now, but anything outside the norm is just asking for trouble. I vividly remember updating a client’s webfrom to reject emojis in passwords, because for some reason people started using them and it wrecked havoc in the backend.
Personally I would consider truncating passwords or even having password max length problematic. First of all you will need to update the length as soon as it would be considered too short, not to mention all the passwords you now need to migrate. It can also imply that you’re not using standard techniques for password storage.
What kind of maniac would use a password that’s longer than 60 characters?
I get that password managers are standard now, but anything outside the norm is just asking for trouble. I vividly remember updating a client’s webfrom to reject emojis in passwords, because for some reason people started using them and it wrecked havoc in the backend.
Personally I would consider truncating passwords or even having password max length problematic. First of all you will need to update the length as soon as it would be considered too short, not to mention all the passwords you now need to migrate. It can also imply that you’re not using standard techniques for password storage.