this post was submitted on 04 Apr 2024
1020 points (98.8% liked)

linuxmemes

21263 readers
573 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] trafficnab@lemmy.ca 7 points 7 months ago (2 children)

    Unless they've changed it very recently, Paypal still limits your password to 20 characters

    [–] ozymandias117@lemmy.world 10 points 7 months ago (1 children)

    Unless they’ve changed it very recently, Wells Fargo’s passwords are case insensitive

    [–] trafficnab@lemmy.ca 6 points 7 months ago (1 children)

    Air Canada's online account system required a 6 character password, which was secretly converted via T9 to 6 numbers on the back end, meaning "aaaaaa" and "bbbbbb" were effectively the same password, and this was only fixed in 2018

    [–] 4z01235@lemmy.world 2 points 7 months ago (1 children)

    That sounds like someone who topped out with highschool level programming tried to implement a hash algorithm.

    [–] trafficnab@lemmy.ca 4 points 7 months ago

    My personal theory is that it's a remnant of an old system that was only accessible by phone (hence the 6 digit pin), and they simply grafted an online component on top of it

    [–] MeanEYE@lemmy.world 5 points 7 months ago (1 children)

    Any service that limits maximum length of the password means they are not hashing them. Which is a scary proposition, especially for such a huge service.

    [–] trafficnab@lemmy.ca 3 points 7 months ago (1 children)

    That's normally my assumption too but surely PayPal has proper security, right? Right??

    [–] MeanEYE@lemmy.world 2 points 7 months ago

    It's possible that limit is either gone or vestige from a bygone age and they are hashing passwords properly now. Either way they do seem like they take security seriously.