Why are Passwords restricted to 20 characters?

Luke Stevenson's Avatar

Luke Stevenson

09 May, 2014 10:49 AM

Considering best practices are for passwords to be as hard as possible for someone to guess, I normally use passwords of 30 characters (sometimes more) to secure my online accounts.

As passwords should be stored after being converted to a one-way hash such as SHA-1, this results in password hashes of a standard (and not terribly long) size.

Why restrict your users to entering passwords of only 20 characters, when, if handled as above, a password of one character will produce a hash of exactly the same length as a password of 1,000 characters.

  1. Support Staff 1 Posted by Alex Vasquez on 09 May, 2014 03:30 PM

    Alex Vasquez's Avatar

    Good Morning Mr. Stevenson,

    Thank you for your suggestion. This has been brought to the attention of our development team and we will work on removing this limitation. The field will be opened up without a character limit. Once this feature has been implemented we will notify you ASAP.

    Thank You,
    BookShout! Support Team

  2. Alex Vasquez closed this discussion on 09 May, 2014 03:30 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac