re: What would it take to increase the password max length limit? VIEW POST

re: What would you suggest to be a suitable password max length then?

Your server's max payload upload size limit? Which may be brought down a bit for the authentication routes?

Then divide it by three for password change pages. And then test that it works through every single piece of infra between the edge and your servers. And sure, then you can do that. But is that really adding that much actual security over 256 character passwords?

code of conduct - report abuse