Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?
A major US bank that I used to use has case insensitive passwords, found that out one day when I noticed caps lock was on after logging in with no trouble
Makes you wonder if they store the password in plain text, or convert to lower key during your first input so it's at least hashed. I wouldn't be surprised if it's not.
I don't think it could be hashed if it is case insensitive. It's fairly early so I may be misremembering but I'm not aware of any hashing algo that ignores case.
Edit: Ah, actually they could be storing the password as a hash, but they would probably have to do like a password. ToLower() call or something where they morphed the string before checking... The thought of which just makes me shudder.
A major US bank that I used to use has case insensitive passwords, found that out one day when I noticed caps lock was on after logging in with no trouble
Makes you wonder if they store the password in plain text, or convert to lower key during your first input so it's at least hashed. I wouldn't be surprised if it's not.
they store the passwords as filenames on a windows system
Put a colon in your password and crash the whole system
set your password as
GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
for infinite money glitchI don't think it could be hashed if it is case insensitive. It's fairly early so I may be misremembering but I'm not aware of any hashing algo that ignores case.
Edit: Ah, actually they could be storing the password as a hash, but they would probably have to do like a
password. ToLower()
call or something where they morphed the string before checking... The thought of which just makes me shudder.