Why do so many companies and people say that your password has to be so long and complicated, just to have restrictions?

I am in the process of changing some passwords (I have peen pwnd and it’s the password I use for use-less-er sites) and suddenly they say “password may contain a maximum of 15 characters“… I mean, 15 is long but it’s nothing for a password manager.

And then there’s the problem with special characters like äàáâæãåā ñ ī o ė ß ÿ ç just to name a few, or some even won’t let you type a [space] in them. Why is that? Is it bad programming? Or just a symptom of copy-pasta?

      • dog@suppo.fi
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Your password could also just be a long, unique sentence, without any excessive special characters. Maybe even a poem.

        Like "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum eu leo eu nibh efficitur viverra. Integer lacinia tortor est, quis aliquet tortor varius sed. Sed dapibus vel turpis at suscipit. Nulla consequat orci in nibh dapibus sodales. Phasellus at arcu ac dolor suscipit pretium. Curabitur sit amet justo sit amet ipsum scelerisque accumsan ac ac nulla. Nullam accumsan lorem sagittis iaculis varius. Nullam convallis nisi ante, id congue diam tincidunt vel. Aliquam sed iaculis mauris. Nam leo nisi, consequat sed sodales non, tempor vel ante. Nunc eleifend vulputate turpis bibendum bibendum. Morbi nec massa in mi sagittis lacinia id ut metus. Maecenas gravida mi vitae lorem laoreet sagittis. "

        That’s alot of common characters and words; yet, it’ll take centuries to crack.

        • theherk@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Centuries? With that much entropy it would take several universe heat deaths even assuming millions of guesses per second I believe.

          • HeckGazer@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Once it gets that long it’s something like if every atom in the universe was used as a bit of computing it would still take some absurd n in 10^n heat deaths. Wild how fast the entropy zooms off the edge of the map

    • Marcbmann@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I’m always reminded of this when I see arbitrarily low caps on password character lengths.

      Recently signed up on a site that limited passwords to 11 characters. Why? Like, seriously, why?