this post was submitted on 30 May 2025
109 points (98.2% liked)

privacy

4284 readers
57 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 3 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
109
What is it with websites restricting passwords to 8 - 16 characters? Is there some technical limitation to their system?? (lemmy.ca)
submitted 2 days ago by [email protected] to c/[email protected]
74 comments fedilink hide all child comments
 

It's infuriating to create a "strong password" with letters, numbers, upper and lowercase, symbols, and non-repeating text... but it has to be only 8 to 16 characters long.

That's not a "strong" password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I'm talking government websites, not just forums. It seems crazy to me.

you are viewing a single comment's thread
view the rest of the comments
[–] chickenf622 9 points 2 days ago (1 children)

Yeah that's cause they're using ancient systems that probably store the password in plaintext. If you absolutely must use it make sure that password is only used on that specific site. I would strongly recommend looking for other ways before you do though.

[–] [email protected] 8 points 2 days ago (2 children)

If you absolutely must use it make sure that password is only used on that specific site. I would strongly recommend looking for other ways before you do though.

Not only did I use a completely unique and random password, but all the "security questions" (they asked for quite a few), were just random words for things like "Your pet's name".

In addition to the shitty password requirement, 2FA is also done by phone or text. Like, come on!

[–] [email protected] 6 points 2 days ago

You should treat security questions like passwords and use strong alphanumeric passwords as the answers. Just make sure to store them in your password manager in such a way that you can remember which one goes with which question!

[–] sugar_in_your_tea 1 points 1 day ago

At least provide email as an option, which might at least be TLS encrypted. If you're going to screw up security, at least make it something I can somewhat secure.