Lemmmy
commented
6 years ago I would consider placing this limit as 64 chars instead, as you can get pretty insecure passwords by combining 3 dictionary words that are still longer than 24 chars.
Closed ghost closed 6 years ago
Lemmmy
commented
6 years ago I would consider placing this limit as 64 chars instead, as you can get pretty insecure passwords by combining 3 dictionary words that are still longer than 24 chars.
Lemmmy
commented
6 years ago According to this issue and a few related issues, the issues only start to appear in the order of 256+ chars, so this limit could be placed around 128 safely, while still ensuring the security of passwords is properly checked.
ghost
commented
6 years ago Changed to 128
As I know from personal experience, long passwords result in the web-page hanging due to strength estimation.