114
What is it with websites restricting passwords to 8 - 16 characters? Is there some technical limitation to their system?? (lemmy.ca)
submitted 1 week ago by Showroom7561@lemmy.ca to c/privacy@lemmy.ca
83 comments fedilink hide all child comments

It's infuriating to create a "strong password" with letters, numbers, upper and lowercase, symbols, and non-repeating text... but it has to be only 8 to 16 characters long.

That's not a "strong" password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I'm talking government websites, not just forums. It seems crazy to me.

you are viewing a single comment's thread
view the rest of the comments
[-] homesweethomeMrL@lemmy.world 6 points 1 week ago

It means it’s stored unencrypted.

[-] drspod@lemmy.ml 10 points 1 week ago

You don't want your password to be encrypted, you want it to be hashed.

[-] homesweethomeMrL@lemmy.world 5 points 1 week ago

I was going to say hashing is a kind of encryption but I can tell you're an engineer, so I'll simply link my feeble cite and go back to my corner quietly.

[-] drspod@lemmy.ml 9 points 1 week ago

The fundamental difference is that hash functions are designed to be irreversible (one-way functions), whereas encryption is designed to be reversible (where the inverse operation is called "decryption").

[-] homesweethomeMrL@lemmy.world 2 points 1 week ago

Indeed, that is what the cite says as well.

this post was submitted on 30 May 2025
114 points (98.3% liked)

privacy

4487 readers
127 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 3 years ago
MODERATORS
QuentinCallaghan@sopuli.xyz
Kokomheart@lemmy.ca
altair222@beehaw.org