If someone puts passwords shorter than 30 characters on their devices, then everything that happens to them is their own fault.