this post was submitted on 26 Sep 2024
546 points (99.3% liked)

Technology

65819 readers
4921 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
546
NIST proposes barring some of the most nonsensical password rules (arstechnica.com)
submitted 5 months ago by Amicitas@lemmy.world to c/technology@lemmy.world
174 comments fedilink hide all child comments
 

Here is the text of the NIST sp800-63b Digital Identity Guidelines.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Sneezydinosaur@lemmy.world 7 points 5 months ago (1 children)

I had a simulator for school truncate after like 13 characters. And nowhere on their page did it specify a character limit. Would still accept an input of like 64 characters though. Got locked out of that account many times.

[โ€“] Hazor@lemmy.world 7 points 5 months ago

I've run into similar: on the account creation page there was no character limit on the input box nor stated in the password requirements, but on the login page the password input box was limited to 14 characters. So you could successfully create an account with a long password, you just couldn't log in because it wouldn't let you enter the whole password.