- cross-posted to:
- privacy
- hackernews@derp.foo
- cross-posted to:
- privacy
- hackernews@derp.foo
Largest Study of its Kind Shows Outdated Password Practices are Widespread::undefined
Largest Study of its Kind Shows Outdated Password Practices are Widespread::undefined
Depends on the limit really, if the limit is 32 characters or something like that, definite red flag.
If the limit is something like 250 or more characters, I’m more inclined to believe it’s basic protection from all the things that can go wrong when someone repeatedly POSTs whatever the maximum amount of garbage that your server’s request limit allows, at an API that performs cryptographic work.