comment on

Answer: because the passwords aren't crypted. If they were, then there'd be no theoretical limit, though there could be a practical limit (e.g., crypt(3) only uses the first 8 characters of a password, and most, but not all, others probably also have implentation-defined limits).

All that said, I'm not sure if there's a public discussion of what should be used or if any discussion is being held "behind closed doors." I'm not sure what the level of security sophistication is behind those closed doors (and, no, adding me to the list wouldn't likely increase the sum of security experience and knowledge noticeably), though if it were out in the open, we'd be more confident in the final solution. Of course, then we'd also get bogged down in minutiae, which may be why it's quiet except for periodic updates.

In reply to Re: PM password capped at 8 chars? by Tanktalus
in thread PM password capped at 8 chars? by bv

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.