You must log in or # to comment.
correct horse battery staple
How did you steal my password??
Witchcraft! Get them!
deleted by creator
And then there are those services that let you enter arbitrarily long passwords in the registration form but only save something like 16 characters.
I hate this situation. What horrible design choices in their code!
deleted by creator
Amen
How would you know?
deleted by creator
No, that’s the point, you’d never know whether they only validate a subset of the password. Only by testing different variations you would know that less than the whole string still works.
deleted by creator
I wouldn’t speculate on how common it is but limiting passwords seems to happen more than it should. So maybe many are taking the stealth approach.
One site I know where this happens (at least I experienced it some years ago) was Blizzard. Found out by sheer luck after I clearly fumbled the end of my password and was logged in regardless.
People gotta stop doing QkFEcEEkJFcwUkQ=
aQuickBrownFoxJumpedOverALazyDog$nuggle9 is far easier to remember and secure.
The article is from Bitwarden, which is a password manager - using them you don’t need to remember individual passwords (or type them, normally).
Bitwarden does have an option to use passphrases, I just tried it and it gave me washtub-moocher-dominoes.
I use auto generated passphrases. It’s mostly for the occasions where I need to give the password to someone, without logging into my bitwarden account, on the device. It’s a lot easier, for comparable levels of security.
deleted by creator
Not really, you have a better chance if you use a completely random set of words. I remember hearing of someone getting their bitcoin stolen from their wallet despite their password being from an obscure Afrikaans poem.
Precisely why I salted it.
deleted by creator
Always something a bit unique, can’t make it predictable if someone managed to dump a list of em. This also isn’t the formula I used just an example. Random words is also better if your memory is decent, they can even be your salt.
I’m more of a SphinxOfBlackQuartz,JudgeMyVow:3 kinda guy
I switched to using word phrases after having to type in these Qjdu37hYdu4sjdh&) |] >[vry monstrosities or communicate them to someone else one too many times.
if you have to ask, not enough. i once had a bank whose system didn’t accept any password longer than 10 characters, and that was only after i called them up and asked why i couldn’t log in
Interesting to see the linked list of the top 100,000 passwords from the Have I Been Pwned data set
Removed by mod
