(skeletor is leading by example by adding that unnecessary apostrophe…)

  • MystikIncarnate@lemmy.ca
    link
    fedilink
    English
    arrow-up
    59
    ·
    8 months ago

    My main problem with passwords is the limits that sites put on what I can set for a password.

    I could not tell you how many times I reset my password using my password manager, then immediately log out, and log in using the credentials I just saved into my password manager, and they don’t work, because the site is truncating the password to 15/20/whatever characters.

    The number of times this limitation is not clearly stated, checked for, or even acknowledged by the site is too damn high.

    I’ve made it a habit of testing a login after every password set/reset to ensure I don’t have trouble with it in the future.

      • MystikIncarnate@lemmy.ca
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        8 months ago

        Usually 15, 16, 20, or 25 in my experience.

        15/16 I get, no idea why 20/25 is so common.

        My password manager generates 32 character passwords composed of random alphanumeric characters by default. I usually don’t modify it unless I hit a restriction, or its a site I’m particularly concerned about getting penetrated (in which case I increase the number of characters).

        I don’t mind sharing that because bluntly: anyone reading this, good luck figuring it out. The permutations is something along the lines of (26*2+10+(special characters))^32… Which is 3.5239… * 10^60… Otherwise known as 3.5 novemdecillion.

        Ha.

        • Dasus@lemmy.world
          link
          fedilink
          arrow-up
          5
          ·
          8 months ago

          Wish we just had like 256 char passwords so I could actually use passphrases instead of passwords.

          It’d be way more secure for me compared to what I’m doing now.

          I’d do like Star Trek haikus or some such which would be actually possible to remember.

      • thecrotch@sh.itjust.works
        link
        fedilink
        arrow-up
        12
        ·
        8 months ago

        I created an account on a hosted service we use at work the other day, my password had to be exactly 12 characters. No more no less.

    • Raxiel@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      8 months ago

      See also: Sites that don’t allow “+” in email addresses while logging in, but do accept them at registration (including confirmation emails)

    • perfectly_boiled_pizza@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      2 months ago

      PlayStation Network has a limit of around 30 characters but they let you pick something longer. They even send you an email confirming that your password has been updated. But if you try to login with your new password it won’t work.

      I’ll probably forget this within the next time I have to change it. I will then AGAIN try with 128 characters and then 125, 120, 115… while yelling at the emails they send me.

      • MystikIncarnate@lemmy.ca
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        Can you maybe add a note to the account in your password manager to remind yourself of the limitation? I dunno, I’m just some guy

        • perfectly_boiled_pizza@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          2 months ago

          You’re absolutely right. I’ve got a talent for procrastination though. I tried giving myself an excuse while formulating this answer, but I realised that just fixing it would be quicker. Hahaha. Thank you