It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.

That’s not a “strong” password, random characters or not.

Is there a limitation that somehow prevents these sites from allowing more than 16 characters?

I’m talking government websites, not just forums. It seems crazy to me.

  • sugarfoot00@lemmy.caEnglish
    7·
    8 days ago

    There’s always recycling. Or changing that final character from a 1 to a 2, etc. The human brain just cant handle the complexity otherwise.

    • teft@lemmy.world
      2·
      8 days ago

      Use a couple words instead of letters, you’ll find it easier to remember and not use repeats. Bicycle Uber Pancake 4* should be more secure than some random bunch of letters you’ll forget.

      • sugar_in_your_tea@sh.itjust.works
        4·
        8 days ago

        Just use a password manager. No need to remember anything besides your master password. That works for pretty much everything, except I guess computer logins.

        • teft@lemmy.world
          3·
          8 days ago

          Well yes everyone should use a password manager but some people can’t load a password manager onto their work computer and therefore are more likely to use non-random passwords. It’s easier to remember a passphrase than a random password.

            • Kazumara@discuss.tchncs.de
              1·
              7 days ago

              We got SSO systems too, unfortunately, there are about 3 of them, lol. The old ADFS, the current Microsoft login (possibly cloud AD, not sure), and our own ID product that we offer to customers.