Guns, Cars, and Tech

Protip: Web Developer Edition

Written by

wizardpc

in

If you’re going to limit your password field to 12 characters on your login page, you should probably also limit your password field to 12 characters on your registration page.

Related: As a general rule, if you’re going to have criteria for passwords, it’s probably best to let the user know that.

That way you don’t have someone who uses a password manager–like me–input a random 16 character password during registration, only to immediately have to use the “reset my password” feature because I can only put 12 of my 16 characters in the box.

Comments

One response to “Protip: Web Developer Edition”

  1. David Avatar
    David

    Why do so many web-based systems have such a pathetic max password length anyway? Is there perhaps a default strlen in apache/tomcat or something? What really blows my mind are the ones that require a minimum of 8, a max of (12, usually), and (insert other, stupid condition, like not starting with a number). It’s obvious they’re doing it wrong with regards to password storage.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts