Password Restrictions

Just wondering what the restrictions on passwords are (I hope the answer is there are none).

I just entered a password in the password field and I only see 20 dots. Does this mean there is a limit on password character length? What happens if I go over this if there is?

I’ve just checked and the maximum permitted password length is 20 characters (aplha-numeric + symbols).

The input box shouldn’t allow you to type in more than 20 characters.

No, it doesn’t. I pasted in a longer password and it truncated it.

The general gist here is that there shouldn’t be a limit set on passwords unless you are mishandling them server side. Most of my passwords are 30 characters or more, I am going through and updating ones that are less than this and complaining loudly when they don’t allow it!

I think pasting will cause the password to auto-truncate.

A 20 character password (lower and upper case, plus symbols and numbers) would provide sufficient entropy to be literally uncrackable.

You can test this yourself here.

https://www.grc.com/haystack.htm

20 characters (mixed) would take approx 11.52 thousand trillion centuries to brute force. Even 12 characters would take 1.7 centuries.

This topic was automatically closed after 7 days. New replies are no longer allowed.