After inviting someone to join Wikidot, so that he could become a part of my site, he commented on how the password limit is at most 20 characters (he wanted a longer password, 28 characters to be exact).
It would be great if this could be extended to, for example, 28-32 characters, or even longer. Generally the longer a password is, the more secure it is.
As mentioned by bcammo in IRC (#wikidot on irc.freenode.net):
<brycecammo> I think it's a good idea to create the wish. If people want to create super-long passwords, let them.
If the encryption-method stays the same a password of 28 characters is not - per definition - saver than a password of 18 characters. I also believe the amount of users that require a long password are few, so why all the effort? There are lots of wishes that have more use than this one.
But that's my humble opinion.
Yes, it is still bcrypt with variable seed on our side. However, longer passwords are more difficult to crack using brute force approach, which many people care about.
Michał Frąckowiak @ Wikidot Inc.
Visit my blog at michalf.me
Implemented!
Michał Frąckowiak @ Wikidot Inc.
Visit my blog at michalf.me
Thanks!
For the record (in case anyone sees this wish and wonders about the new limit), the new limit is 64 characters.
Shane Smith
ethicalwd.com - Blog - Wikidot Editor - Docs