submitted 1 week ago by Showroom7561@lemmy.ca to c/privacy@lemmy.ca

It's infuriating to create a "strong password" with letters, numbers, upper and lowercase, symbols, and non-repeating text... but it has to be only 8 to 16 characters long.

That's not a "strong" password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I'm talking government websites, not just forums. It seems crazy to me.

[-] originalucifer@moist.catsweat.com 25 points 1 week ago

I've mostly noticed this on old systems... where the field length for password was decided by an intern 30 years ago.

[-] shalafi@lemmy.world 6 points 1 week ago

This is it right here. The new system has to talk to the old database which has a character limit for that field. Untold amounts of money and effort would be required to update the back end.

[-] tinkling4938@lemmynsfw.com 2 points 6 days ago

Passwords should be hashed to a fixed length. Character limit implies clear text passwords are stored.

[-] shalafi@lemmy.world 1 points 6 days ago

What if the pass is only temporarily stored in a db table, then instantly hashed and dropped? Obviously, I'm no db admin. :(

[-] tinkling4938@lemmynsfw.com 1 points 6 days ago

Best practice is never to store a password in the clear.

[-] Jakeroxs@sh.itjust.works 3 points 1 week ago

Too real, I know of a company that is changing a number from 8 to 9 digits and it's estimated to cost around 230m to complete. Insanity.
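
To illustrate the point raised in the thread about hashing to a fixed length (an added example, not code from any commenter): a salted PBKDF2 record occupies the same 48 bytes whether the password is 8 or 200 characters long. The iteration count, field sizes and the 1024-byte input cap are assumptions chosen for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256
SALT_LEN = 16         # bytes of random salt stored with each hash
HASH_LEN = 32         # derived key size: every stored hash is this long
MAX_INPUT = 1024      # assumed generous cap, only to bound hashing cost


def hash_password(password: str) -> bytes:
    """Return salt || derived key; the length never depends on the password."""
    data = password.encode("utf-8")
    if len(data) > MAX_INPUT:
        raise ValueError("password too long")
    salt = os.urandom(SALT_LEN)
    dk = hashlib.pbkdf2_hmac("sha256", data, salt, ITERATIONS, dklen=HASH_LEN)
    return salt + dk


def verify_password(password: str, record: bytes) -> bool:
    """Re-derive the key with the stored salt and compare in constant time."""
    salt, expected = record[:SALT_LEN], record[SALT_LEN:]
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS, dklen=HASH_LEN
    )
    return hmac.compare_digest(dk, expected)


def record_sizes(passwords):
    """Size in bytes of the stored record for each password."""
    return [len(hash_password(p)) for p in passwords]


if __name__ == "__main__":
    # Constructed sample passwords of very different lengths.
    samples = ["Tr0ub4d&", "correct horse battery staple " * 5]
    for pw, size in zip(samples, record_sizes(samples)):
        print(f"{len(pw):4d} chars -> {size} byte record")
```

The database column only has to hold the 48-byte record, so its width places no limit on how long the password itself may be.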

this post was submitted on 30 May 2025
115 points (98.3% liked)