58
Congress needs to act now to stop web developers from creating account interfaces which accept new passwords while silently truncating them (hexbear.net)
submitted 1 week ago* (last edited 1 week ago) by TankieTanuki@hexbear.net to c/technology@hexbear.net
16 comments fedilink hide all child comments

"This is the third time I've done a password reset! WTF is going on?"

I'm not usually for capital punishment, but... knifecat

you are viewing a single comment's thread
view the rest of the comments
[-] FuckBigTech347@lemmygrad.ml 1 points 1 week ago

Can you elaborate? I have both a Dell and HPE Server with IDRAC and ILO respectively and I haven't noticed anything like that.

[-] stupid_asshole69@hexbear.net 2 points 1 week ago

I just checked and idrac 8 tells you it’s a 20 character limit and silently truncates when you go longer than that. I’m not at an hp thing to check about ilos behavior.

[-] FuckBigTech347@lemmygrad.ml 1 points 1 week ago

I think I have seen it complaining about too long passwords before but I did not know about it silently truncating. I just tested what ILO does on my HP and it happily accepts an arbitrarily long password but it only ever uses the first 40 characters. Good to know!

[-] stupid_asshole69@hexbear.net 1 points 1 week ago

Another one I can make accusations about from memory but not substantiate is Cisco uhh xr? Gear.

this post was submitted on 15 Jul 2025
58 points (98.3% liked)

technology

23883 readers
167 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS
context@hexbear.net
EmmaGoldman@hexbear.net
SexUnderSocialism@hexbear.net
gaycomputeruser@hexbear.net
ZoomeristLeninist@hexbear.net