It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.
That’s not a “strong” password, random characters or not.
Is there a limitation that somehow prevents these sites from allowing more than 16 characters?
I’m talking government websites, not just forums. It seems crazy to me.
Well yes everyone should use a password manager but some people can’t load a password manager onto their work computer and therefore are more likely to use non-random passwords. It’s easier to remember a passphrase than a random password.
Fortunately, we force everyone to use a password manager at my company. SSO all the things!
We got SSO systems too, unfortunately, there are about 3 of them, lol. The old ADFS, the current Microsoft login (possibly cloud AD, not sure), and our own ID product that we offer to customers.