Almost 4 years ago, I wrote a short article on dumb websites who have a maxiumum password length.
Now, in 2012, there are still websites with such stupid policies. One of the most famous is none other than Microsoft’s Live Account service, which serves as the authentication hub for all things Microsoft. Basically, your Live ID, or whatever it’s called, can’t have a password longer than 16 characters.
Microsoft is, rightly so, getting a lot of criticism about that because the recently released Windows 8 lets you link your Windows user to a Live ID, for use with the whole Windows App Store thing and more.
I’m a huge fan on pass-phrases. Since Jeff already evangelised them over passwords, giving arguments and advice, there’s no need to add anything…
Except, well, some good old complaining.
It pisses me off that some websites have a limited length for passwords, thus preventing users from using pass-phrases. It’s not a pass-phrase if it can only have a maximum of 12 characters, is it? But the worst is how most of those websites won’t even warn you that your password is too long… they will just truncate it and tell you everything’s okay!