It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.

That’s not a “strong” password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I’m talking government websites, not just forums. It seems crazy to me.

  • Showroom7561@lemmy.caOP
    8·
    3 days ago

    If you absolutely must use it make sure that password is only used on that specific site. I would strongly recommend looking for other ways before you do though.

    Not only did I use a completely unique and random password, but all the “security questions” (they asked for quite a few), were just random words for things like “Your pet’s name”.

    In addition to the shitty password requirement, 2FA is also done by phone or text. Like, come on!

    • drspod@lemmy.ml
      6·
      3 days ago

      You should treat security questions like passwords and use strong alphanumeric passwords as the answers. Just make sure to store them in your password manager in such a way that you can remember which one goes with which question!

    • sugar_in_your_tea@sh.itjust.works
      1·
      2 days ago

      At least provide email as an option, which might at least be TLS encrypted. If you’re going to screw up security, at least make it something I can somewhat secure.