Why do so many companies and people say that your password has to be so long and complicated, just to have restrictions?

I am in the process of changing some passwords (I have peen pwnd and it’s the password I use for use-less-er sites) and suddenly they say “password may contain a maximum of 15 characters“… I mean, 15 is long but it’s nothing for a password manager.

And then there’s the problem with special characters like äàáâæãåā ñ ī o ė ß ÿ ç just to name a few, or some even won’t let you type a [space] in them. Why is that? Is it bad programming? Or just a symptom of copy-pasta?

  • punkisundead [they/them]@slrpnk.net
    link
    fedilink
    arrow-up
    40
    ·
    1 year ago

    And then there are times you set a password and everything just seems to work fine, but later the new password never works. You reset the password, try again and really focus because you think you made some mistake with the password manager. Again the password you set does not work.

    You begin to google the problem and see that there is a max password lenght of 12. But you always set passwords of the lenght 20-30 and the interface never complained. But because you are desperate, you try just the first 12 characters of the last password you set. And it works!

    I hate HP printers.

    • InfiniteFlow@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      You, you can add that list. Motherfuckers will let you type a password as long as you wish, only to internally truncate it. Was driving me crazy until I tried to log in on the mobile app, where it does prevent you to type more characters…

    • dog@suppo.fi
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Old Steam calling.

      Website and Client used different password rules, what worked for the other didn’t in the other.

    • owsei@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      How “a$$word” saved PayPal

      TL;DR: PayPal had reencrypted their database with a new encryption scheme, but it would accidentally cutout passwords larger than 8 characters. However one person in set their passphrase to “a$$word”, saving the day.