It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.

That’s not a “strong” password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I’m talking government websites, not just forums. It seems crazy to me.

  • @jagged_circle@feddit.nl
    link
    fedilink
    English
    87 days ago

    NIST recommended to never have passwords expire since like 3 decades. You gotta get rid of that. It makes your org less secure.

    Probably best to just fire whoever set that up. They’re clueless