Reminds me of one of the US telecoms. I set a 16 char password, but parts of the service limited the password to 15 chars when entering, so I couldn't log in. Given that passwords are (*cough* should be *cough*) stored in the form of hashes, why does anyone limit the max length…https://twitter.com/KrzaQ2/status/997397776676814849 …
Replying to @gynvael
I mean, if you follow best practices and use a high work factor, you probably want to limit password length to mitigate a DoS mechanism, even though you're hashing. But the appropriate limit for that is definitely > 16 :)
3:17 AM - 2 Jun 2018
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.