It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.

That’s not a “strong” password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I’m talking government websites, not just forums. It seems crazy to me.

  • drspod@lemmy.ml
    11·
    8 days ago

    You don’t want your password to be encrypted, you want it to be hashed.

    • Optional@lemmy.world
      5·
      8 days ago

      I was going to say hashing is a kind of encryption but I can tell you’re an engineer, so I’ll simply link my feeble cite and go back to my corner quietly.

      • drspod@lemmy.ml
        10·
        8 days ago

        The fundamental difference is that hash functions are designed to be irreversible (one-way functions), whereas encryption is designed to be reversible (where the inverse operation is called “decryption”).