Why do so many companies and people say that your password has to be so long and complicated, just to have restrictions?

I am in the process of changing some passwords (I have peen pwnd and it’s the password I use for use-less-er sites) and suddenly they say “password may contain a maximum of 15 characters“… I mean, 15 is long but it’s nothing for a password manager.

And then there’s the problem with special characters like äàáâæãåā ñ ī o ė ß ÿ ç just to name a few, or some even won’t let you type a [space] in them. Why is that? Is it bad programming? Or just a symptom of copy-pasta?

  • 30p87@feddit.de
    link
    fedilink
    arrow-up
    10
    ·
    1 year ago

    Banks are the worst in this, the one website that should have secure passwords uses standards so low that KeePass can’t even go so low. I have to use a password I can remember, which may not actually be of a low standard but is in this case, considering it’s only 10 chars.

    • nyan@lemmy.cafe
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      Banks are the single industry most likely to be handing the passwords over to a 1970s mainframe that expects everything to be encoded in EBCDIC at some point in the validation sequence.

      This is an explanation, not an excuse.