this post was submitted on 18 Aug 2024
851 points (98.9% liked)

Cybersecurity - Memes

2091 readers
2 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS
Sam1232188
neurohost
[email protected]
[email protected]
CannaVet
851
Password length requirement (feddit.org)
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/cybersecuritymemes
170 comments fedilink hide all child comments
 

Last week, I tried to register for a service and was really surprised by a password limit of 16 characters. Why on earth yould you impose such strict limits? Never heard of correct horse battery staple?

you are viewing a single comment's thread
view the rest of the comments
[–] x0x7 3 points 5 months ago* (last edited 5 months ago)

Ok. Take up to 65,536 bytes of utf8 string. Or better yet. Accept any password length. I mean any. But instead of transmitting it you bcyrpt on their machine and then use the resulting key to hmac sign a recent timestamp that can't be reused.