850

Password length requirement (feddit.org)

submitted 10 months ago* (last edited 10 months ago) by cron@feddit.org to c/cybersecuritymemes@lemmy.world

170 comments fedilink hide all child comments

Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?

you are viewing a single comment's thread
view the rest of the comments

[-] viking@infosec.pub 12 points 10 months ago

Makes you wonder if they store the password in plain text, or convert to lower key during your first input so it's at least hashed. I wouldn't be surprised if it's not.

[-] lseif@sopuli.xyz 10 points 10 months ago

they store the passwords as filenames on a windows system

[-] subignition@fedia.io 4 points 10 months ago

Put a colon in your password and crash the whole system

[-] lseif@sopuli.xyz 2 points 10 months ago

set your password as GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} for infinite money glitch

[-] JustAnotherRando@lemmy.world 4 points 10 months ago* (last edited 10 months ago)

I don't think it could be hashed if it is case insensitive. It's fairly early so I may be misremembering but I'm not aware of any hashing algo that ignores case.

Edit: Ah, actually they could be storing the password as a hash, but they would probably have to do like a password. ToLower() call or something where they morphed the string before checking... The thought of which just makes me shudder.

this post was submitted on 18 Aug 2024

850 points (98.7% liked)

Cybersecurity - Memes

2939 readers

1 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Sam1232188@lemmy.fmhy.ml

Alphadef@programming.dev

CannaVet@lemmy.world