Here is the text of the NIST sp800-63b Digital Identity Guidelines.

  • Soggy@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    I recently set up a password with a 16 character max, alphanumeric only, no spaces. The service is in no way a security threat but still.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 months ago

      A couple years ago I ran into one with a 12 character limit…

      I never understood password limits, other than something sufficiently large like 256 to prevent DOS. It’s not like the password is actually being stored anywhere… right? RIGHT??