You Suck at UI

Identifying bad UI on Desktops and the Internets.

Posts tagged password

May 20
This one is very simple: never, ever require that your users shorten their passwords. You should encourage them to use the longest password they can possibly manage. Security is hard—don’t make it harder by placing arbitrary size limits on them. Bonus: when you tell me I can’t enter a password that’s longer than 12 characters, it sets off the amateur hour alarms in my head. I sure hope you’re hashing it, and modern hash algorithms aren’t limited to 12 characters. Hire developers who know what they’re doing.

This one is very simple: never, ever require that your users shorten their passwords. You should encourage them to use the longest password they can possibly manage. Security is hard—don’t make it harder by placing arbitrary size limits on them.

Bonus: when you tell me I can’t enter a password that’s longer than 12 characters, it sets off the amateur hour alarms in my head. I sure hope you’re hashing it, and modern hash algorithms aren’t limited to 12 characters. Hire developers who know what they’re doing.
Posted at 9:27 PM 1 note Tagged: rackspacewebpasswordsecurity