**✨Ben Hamill✨** @benhamill@octodon.social · Apr 18, 2017, 13:59

**✨Ben Hamill✨** @benhamill@octodon.social · Apr 18, 2017, 13:59

✨Ben Hamill✨ @benhamill@octodon.social

A website complained at me for trying to make a password too long. Their limit is 40 characters. Oh.

**ꝺꜫꞅh̵Ɪꝕꞟ** @deshipu · Apr 18, 2017, 14:08

**ꝺꜫꞅh̵Ɪꝕꞟ** @deshipu · Apr 18, 2017, 14:08

@benhamill Whenever I see a length limit on a password field this tells me one thing "we store your password, not its hash".

**evilchili** @evilchili@mastodon.social · Apr 18, 2017, 15:05

**evilchili** @evilchili@mastodon.social · Apr 18, 2017, 15:05

@benhamill @deshipu sometimes it's just an inexperienced dev.

**ꝺꜫꞅh̵Ɪꝕꞟ** @deshipu · 2017-04-18T15:13:12Z

ꝺꜫꞅh̵Ɪꝕꞟ @deshipu

@evilchili @benhamill I would say it's an inexperienced dev 100% the time. Either so inexperienced, that they think it's a good idea, or so inexperienced, that they didn't say "over my dead body" to the management when it came asking for that. Lack of experience either way.

Apr 18, 2017, 15:13 · Web · 0 · 0

**ꝺꜫꞅh̵Ɪꝕꞟ** @deshipu · Apr 18, 2017, 15:22

**ꝺꜫꞅh̵Ɪꝕꞟ** @deshipu · Apr 18, 2017, 15:22

@benhamill @evilchili Ok, maybe 5% of the time it's the evil haxxors setting up a honeypot.