Why do so many companies and people say that your password has to be so long and complicated, just to have restrictions?

I am in the process of changing some passwords (I have peen pwnd and it’s the password I use for use-less-er sites) and suddenly they say “password may contain a maximum of 15 characters“… I mean, 15 is long but it’s nothing for a password manager.

And then there’s the problem with special characters like äàáâæãåā ñ ī o ė ß ÿ ç just to name a few, or some even won’t let you type a [space] in them. Why is that? Is it bad programming? Or just a symptom of copy-pasta?

  • bizdelnick
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    Non-ASCII characters can cause troubles because of different encodings and because you may need to type them on a machine where corresponding keyboard layout is missing.

    The password length limit is nothing short of stupid.

    xkcd:936

    • FinancesDrone98@programming.devOP
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      My mother’s password for everything got compromised recently. I told her to think of a sentence that will never happen and to write it down and store it somewhere safe.

      She remembered it instantly.

      Oh, and I made her a password manager