Well yeah, if you don’t truncate the password to 12 chars how will you fit the plaintext in a memory efficient fixed latin1 CHAR column that only accepts letters, numbers, and underscores
I’ve had that before and I’m very confident the password was correct - my theory is that they’d changed how non-ASCII characters like £ were handled and their code only half recognised my password.
It’s not quite complete without code on the password reset page to tell you that you can’t reuse your password.
And label the text box “username” when it only accepts email address.
Don’t forget to have hidden password requirements and secretly truncate any password longer than 12 characters.
Well yeah, if you don’t truncate the password to 12 chars how will you fit the plaintext in a memory efficient fixed latin1 CHAR column that only accepts letters, numbers, and underscores
/s
Battle.net used to not be case-sensitive for passwords, back in like the pre-wow era.
Intresting. At least they got their act together, even making a physical totp authenticator in the 2000s.
I’ve had that before and I’m very confident the password was correct - my theory is that they’d changed how non-ASCII characters like £ were handled and their code only half recognised my password.
I never got that rule. Surely it is less secure to keep records of historical passwords than to let someone rotate between !!! And #### etc
Hopefully they’re not sitting the old passwords in plain text and just have the hashes.