In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)

Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.

      • SkaveRat@discuss.tchncs.deEnglish
        0·
        15 hours ago

        you realize that they say the exact opposite of what you are saying, right?

        Longer passwords are generally more secure and easier for users to remember,” said Dr. Paul Turner, a cybersecurity expert at NIST. “We’re moving away from complex rules that often lead to predictable patterns and towards encouraging unique, lengthy passphrases.

    • Possibly linux@lemmy.zipEnglish
      0·
      19 hours ago

      You haven’t provided any evidence to support your claim. Online accounts can’t easily be brute forced.

      If a hash is leaked you just change the password. As long as you aren’t reusing the same password everywhere you are fine.

      • Kissaki@feddit.orgOPEnglish
        0·
        8 hours ago

        How do you know when a password is leaked?

        What’s the distribution of variance in brute force protections on online services?

      • humorlessrepost@lemmy.worldEnglish
        0·
        17 hours ago

        If the hashes are leaked and that’s immediately caught and customers are immediately informed, just change your password.