This practice is not recommended anymore, yet still found in many enterprises.

  • boredsquirrel@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Max. 16 characters

    (Still remember: if they have a password length limit, they store the password in plain text!)

      • boredsquirrel@slrpnk.net
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        I think they could also check that length with Javascript in the browser. Dont know, you should ask the devs.

      • cm0002@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        He should have said a short length limit, it’s still recommended to have a length limit of some sort (I think 64 is the official recommendation) to prevent people from doing shit like pasting the entire Shrek script as a password (because you KNOW some people will lol)

    • dQw4w9WgXcQ@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Why would you say that? Services are able to require special characters, variable casing and numbers. Why would the reqirement of max length of the password cause the storage to succumb to plain text?