In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)

Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.

  • DarkSirrush@lemmy.caEnglish
    19·
    1 month ago

    My bank forces a 6 digit PIN as a password.

    Their 2fa is also email or text only.

    At least we can set a unique username?

    • 4grams@awful.systemsEnglish
      3·
      1 month ago

      Yeah, I’m up to 40 hide my addresses for that same reason. Figure if the password sucks, at least the email can be unique and obscure.

      • AA5B@lemmy.worldEnglish
        1·
        1 month ago

        168! Don’t hold back - everything gets a unique email address, a generated password, unique username and profile info.

        It’s only the damn phone number that can be used to connect my data. Can’t do anything about that.

    • throwawayacc0430@sh.itjust.worksEnglish
      2·
      1 month ago

      Meh, if they lock you out after X attempts, then 6 digits is fine. Hell, even 4 digits is fine if they have a lockout-policy.

      Do they have a limit on attempts?