It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.
That’s not a “strong” password, random characters or not.
Is there a limitation that somehow prevents these sites from allowing more than 16 characters?
I’m talking government websites, not just forums. It seems crazy to me.
It means it’s stored unencrypted.
You don’t want your password to be encrypted, you want it to be hashed.
I was going to say hashing is a kind of encryption but I can tell you’re an engineer, so I’ll simply link my feeble cite and go back to my corner quietly.
The fundamental difference is that hash functions are designed to be irreversible (one-way functions), whereas encryption is designed to be reversible (where the inverse operation is called “decryption”).
Indeed, that is what the cite says as well.