• newsonic@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    3
    ·
    1 year ago

    Nope. No point in storing > 256 or even 128 chars for a password anyway. Useless storage wasted. Also it doesn’t really mean they store the password badly in the server.

      • dan@upvote.au
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        The length limit is mostly for the user’s sake - companies don’t want people to set their passwords to 30+ character ones that they keep forgetting and call their tech support to reset.

        • david@feddit.uk
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          That’s really really really annoying, as someone who has a good, strong brain-based password algorithm and hates it when websites forbid my strong password forcing me to make an exception.

    • conciselyverbose@kbin.social
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Ignoring that they must be hashed to be acceptable and that it’s not possible for 1000 characters of text to add up to a waste of storage worth mentioning in pretty much any environment, it’s literally impossible for a 128 character password limit to be beneficial in any way.

      A limit below that demonstrably lowers security by a huge margin.