Pass-phrases, and the problem with dumb websites

I’m a huge fan on pass-phrases. Since Jeff already evangelised them over passwords, giving arguments and advice, there’s no need to add anything…

Except, well, some good old complaining.

It pisses me off that some websites have a limited length for passwords, thus preventing users from using pass-phrases. It’s not a pass-phrase if it can only have a maximum of 12 characters, is it? But the worst is how most of those websites won’t even warn you that your password is too long… they will just truncate it and tell you everything’s okay! And then, the next time you log in, you spend 10 minutes wondering how you can mistype 50 times a passphrase you’re absolutely sure about.

Now, time to point some fingers. Recently, the 2 websites that gave me this kind of crappy user experience were the Archos Store (after creating a new account) and Linked In (after changing my password on an existing account). It’s especially surprising how a high profile website like Linked In can be so poorly implemented.