(skeletor is leading by example by adding that unnecessary apostrophe…)

  • @[email protected]
    link
    fedilink
    English
    5810 months ago

    My main problem with passwords is the limits that sites put on what I can set for a password.

    I could not tell you how many times I reset my password using my password manager, then immediately log out, and log in using the credentials I just saved into my password manager, and they don’t work, because the site is truncating the password to 15/20/whatever characters.

    The number of times this limitation is not clearly stated, checked for, or even acknowledged by the site is too damn high.

    I’ve made it a habit of testing a login after every password set/reset to ensure I don’t have trouble with it in the future.

    • @GhostlyPixel
      link
      English
      2610 months ago

      The amount of websites that limit passwords to 16 characters is alarming

      • @[email protected]
        link
        fedilink
        English
        1210 months ago

        Usually 15, 16, 20, or 25 in my experience.

        15/16 I get, no idea why 20/25 is so common.

        My password manager generates 32 character passwords composed of random alphanumeric characters by default. I usually don’t modify it unless I hit a restriction, or its a site I’m particularly concerned about getting penetrated (in which case I increase the number of characters).

        I don’t mind sharing that because bluntly: anyone reading this, good luck figuring it out. The permutations is something along the lines of (26*2+10+(special characters))^32… Which is 3.5239… * 10^60… Otherwise known as 3.5 novemdecillion.

        Ha.

        • @Dasus
          link
          510 months ago

          Wish we just had like 256 char passwords so I could actually use passphrases instead of passwords.

          It’d be way more secure for me compared to what I’m doing now.

          I’d do like Star Trek haikus or some such which would be actually possible to remember.

      • @[email protected]
        link
        fedilink
        1210 months ago

        I created an account on a hosted service we use at work the other day, my password had to be exactly 12 characters. No more no less.

      • @bbuez
        link
        810 months ago

        My fucking bank: 👀

    • @Raxiel
      link
      610 months ago

      See also: Sites that don’t allow “+” in email addresses while logging in, but do accept them at registration (including confirmation emails)

    • @perfectly_boiled_pizza
      link
      13 months ago

      PlayStation Network has a limit of around 30 characters but they let you pick something longer. They even send you an email confirming that your password has been updated. But if you try to login with your new password it won’t work.

      I’ll probably forget this within the next time I have to change it. I will then AGAIN try with 128 characters and then 125, 120, 115… while yelling at the emails they send me.

      • @[email protected]
        link
        fedilink
        English
        13 months ago

        Can you maybe add a note to the account in your password manager to remind yourself of the limitation? I dunno, I’m just some guy

        • @perfectly_boiled_pizza
          link
          23 months ago

          You’re absolutely right. I’ve got a talent for procrastination though. I tried giving myself an excuse while formulating this answer, but I realised that just fixing it would be quicker. Hahaha. Thank you

          • @[email protected]
            link
            fedilink
            English
            13 months ago

            My pleasure. I regularly put notes in my password manager about stuff like this.

            Have a good day.