“More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% of had no length requirements, and 30% did not support spaces or special characters.”

  • Technus@lemmy.zip
    link
    fedilink
    arrow-up
    37
    ·
    1 year ago

    It’s 2023 and I still see signup forms that are like “must have at least one of each: number, lowercase letter, uppercase character, special character (but not , . " & / + < > {} [] )”

    That, plus no single sign-on (privacy issues aside) and login flow design so bad that password managers don’t know what the fuck is going on, and it’s no wonder password security is still a huge issue.