logoalt Hacker News

sgctoday at 5:01 PM4 repliesview on HN

I ran into a website for work that would let you create a long password, but silently truncate it to 12 characters before saving. Mind boggling.


Replies

halJordantoday at 5:07 PM

This is the best. Especially when the password is being autotyped by the pw manager and so you never see the truncation and now have a bad pw saved in your manager. Alongside a restrictive password policy with no ui explaining what the policy is.

j4k3today at 5:15 PM

This happens on some HP printers too, the web interface lets you happily enter lengthy passwords, but doesn't bother telling you it truncated the entry at 16 or 12 characters.

pull_my_fingertoday at 7:45 PM

I unfortunately had the infuriating experience dealing with a (government, of course) site that did this. To add to the experience, not only did it silently truncate at registration, but it did NOT truncate on the login fields. And of course, it has a lockout after several failed attempts. UX gore at it's finest.

grg0today at 6:13 PM

Blizzard/battle.net used to do this (still does?), lol