• Tlaloc_Temporal
    link
    fedilink
    35 months ago

    I’ve come across several sites with abhorrently short password limits, as low as 12.

    Worse, 2 of them accepted the longer password, but only saves the first n characters, so you can’t log in even with the correct password, untill you figure out the exact max length and truncate it manually.

    Even worse, one of those sites was a school authentication site, but it accepted the full password online and only truncated the password on the work computer login. That took me an entire period to suss out.

    • You just gave me a flashback to a system I encountered as a student where my password got truncated, so I couldn’t log in. I had to ask the teacher what to do, expecting her to have access to a reset or something, but she just told me what my password was. It was like 3 and a half words, clearly truncated and stored in plain text.