It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.
That’s not a “strong” password, random characters or not.
Is there a limitation that somehow prevents these sites from allowing more than 16 characters?
I’m talking government websites, not just forums. It seems crazy to me.
Yeah, that’s ’cause they’re using ancient systems that probably store the password in plaintext. If you absolutely must use it, make sure that password is only used on that specific site. I would strongly recommend looking for other ways before you do, though.
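The storage question raised above, as an added example that is not part of any comment in this thread: when a site stores a salted, memory-hard hash instead of the password itself, the stored record is the same size for an 8-character password and a long passphrase. The scrypt parameters, function names and sample passwords are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters for illustration; not taken from any site in the thread.
N, R, P = 2**14, 8, 1          # scrypt cost parameters
SALT_LEN, DKLEN = 16, 32       # stored record is always 48 bytes

# Constructed sample passwords: 8 characters, 16 characters, and a long passphrase.
SAMPLES = [
    "k3#Qz9!a",
    "k3#Qz9!aLm2$Vx7p",
    "correct horse battery staple plus several more random words here",
]


def hash_password(password: str, salt: Optional[bytes] = None) -> bytes:
    """Return salt || scrypt(password); the length never depends on the input."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    key = hashlib.scrypt(
        password.encode("utf-8"), salt=salt, n=N, r=R, p=P,
        maxmem=64 * 1024 * 1024, dklen=DKLEN,
    )
    return salt + key


def verify_password(password: str, record: bytes) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt, expected = record[:SALT_LEN], record[SALT_LEN:]
    candidate = hash_password(password, salt)[SALT_LEN:]
    return hmac.compare_digest(candidate, expected)


def record_sizes(passwords):
    """Map each password's length to the size of the record stored for it."""
    return {len(p): len(hash_password(p)) for p in passwords}


if __name__ == "__main__":
    for pw_len, rec_len in record_sizes(SAMPLES).items():
        print(f"password length {pw_len:>2} -> stored record {rec_len} bytes")
    record = hash_password(SAMPLES[2])
    # A passphrase cut to 16 characters is a different password and must not verify.
    print("full passphrase verifies:", verify_password(SAMPLES[2], record))
    print("truncated to 16 verifies:", verify_password(SAMPLES[2][:16], record))
```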
Not only did I use a completely unique and random password, but all the “security questions” (they asked for quite a few) were just random words for things like “Your pet’s name”.
In addition to the shitty password requirement, 2FA is also done by phone or text. Like, come on!
At least provide email as an option, which might at least be TLS encrypted. If you’re going to screw up security, at least make it something I can somewhat secure.
You should treat security questions like passwords and use strong alphanumeric passwords as the answers. Just make sure to store them in your password manager in such a way that you can remember which one goes with which question!