|
|
4
|
|
|
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites where I actually care about their security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths (more like 8 or 10, I understand why 100000000 might be a problem...)?
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites I actually care about security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths (more like 8 or 10, I understand why 100000000 might be a problem...)?
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites where I actually care about their security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths (more like 8 or 10, I understand why 100000000 might be a problem...)?
|
|
| |
|
Notice removed Reward existing answer by Mike Graham
|
occurred Feb 13 '14 at 19:41
|
|
| |
|
Bounty Ended with Tom Leek's answer chosen by Mike Graham
|
occurred Feb 13 '14 at 19:41
|
|
| |
|
Notice added Reward existing answer by Mike Graham
|
occurred Feb 12 '14 at 13:25
|
|
| |
|
Bounty Started worth 50 reputation by Mike Graham
|
occurred Feb 12 '14 at 13:25
|
|
| |
|
Notice removed Reward existing answer by zerkms
|
occurred Dec 2 '13 at 2:16
|
|
| |
|
Bounty Ended with Tom Leek's answer chosen by zerkms
|
occurred Dec 2 '13 at 2:16
|
|
| |
|
Notice added Reward existing answer by zerkms
|
occurred Nov 29 '13 at 22:06
|
|
| |
|
Bounty Started worth 50 reputation by zerkms
|
occurred Nov 29 '13 at 22:06
|
|
| |
|
Question Protected by Jeff Ferland♦
|
occurred Mar 31 '13 at 8:34
|
|
| |
|
Tweeted twitter.com/#!/StackSecurity/status/318134111019597824
|
occurred Mar 30 '13 at 22:54
|
|
|
|
3
|
|
edited Mar 30 '13 at 21:56
|
What technical reasons are there to have low maximum password lengths?
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites I actually care about security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths (more like 8 or 10, I understand why 100000000 might be a problem...)?
What technical reasons are there to have maximum password lengths?
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites I actually care about security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths?
What technical reasons are there to have low maximum password lengths?
I have always wondered why so many websites have very firm restrictions on password length (exactly 8 characters, up to 8 characters, etc). These tend to be banks or other sites I actually care about security.
I understand most people will pick short passwords like "password" and "123456" but are there technical reasons to force this? Using an application like 1Password, almost all my passwords are something like fx9@#^L;UyC4@mE3<P]uzt or other randomly generated long strings of unlikely to guess things.
- Are there specific reasons why websites enforce strict bounds on password lengths (more like 8 or 10, I understand why 100000000 might be a problem...)?
|
|
|
|
2
|
|
edited Mar 30 '13 at 21:39
|
What technical reasons are there to have maximum password lengths?
|
|
|
|
1
|
|
asked Mar 30 '13 at 21:30
|
|
|
|
