this post was submitted on 18 Aug 2024
847 points (98.8% liked)

Cybersecurity - Memes

1964 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Alphadef@programming.dev
CannaVet@lemmy.world
847
Password length requirement (feddit.org)
submitted 2 months ago* (last edited 2 months ago) by cron@feddit.org to c/cybersecuritymemes@lemmy.world
171 comments fedilink hide all child comments
 

Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?

you are viewing a single comment's thread
view the rest of the comments
[–] testfactor@lemmy.world 2 points 2 months ago

Absolutely beautiful. What a company, lol.

The real beauty of it is that I can't fathom the logic. Unless they're storing the passwords as plaintext, it's not like it can be a storage issue. The hashes will be a constant size. I guess it takes longer to hash bigger inputs, but like, that difference should be unnoticeable until thousands of characters.

Did the engineer who made it truly not fathom that people might have passwords longer than 12 characters? That's the kind of mid-90s logic that makes me genuinely worry that the passwords aren't hashed on the backend, or are just MD5'd or something...

Makes absolutely no sense at all.