Ebay pretends to do password hashing. So why are they limiting passwords to 20 characters?
-
-
Replying to @jedisct1
@jedisct1@matthew_d_green The hash function they use has an output space of 20 chars and they don't want collisions?#YoloSecurity3 replies 0 retweets 3 likes -
Replying to @FredericJacobs
@FredericJacobs@jedisct1@matthew_d_green Microsoft is limiting to 16 chars iirc (office365 etc.)1 reply 1 retweet 1 like -
Replying to @veorq
@veorq@FredericJacobs@jedisct1 Microsoft had this backwards compatibility problem with some ancient password hash, didn't they?1 reply 0 retweets 0 likes -
Replying to @matthew_d_green
@matthew_d_green@veorq@FredericJacobs@jedisct1 LANMAN. 7+7 UPPERCASE. Today they blame unspecified legacy systems for maxlen=16 online.1 reply 1 retweet 1 like -
Replying to @thorsheim
@thorsheim@matthew_d_green@veorq@FredericJacobs@jedisct1 Um... u guys know you can type any number of chars there and it'll work, right?3 replies 0 retweets 0 likes -
Replying to @_mkfg
@_mkfg@thorsheim@veorq@FredericJacobs@jedisct1 Does it _use_ all the characters?1 reply 0 retweets 0 likes
@matthew_d_green @_mkfg @thorsheim @veorq @FredericJacobs Obviously just some printable ones.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.