Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL's Embarassing Password Woes

Posted by CmdrTaco on from the top-sekrit dept.

An anonymous reader writes "AOL.com users may think they have up to sixteen characters to use as a password, but they'd be wrong, thanks to this security artifact detailed by The Washington Post's Security Fix blog: "Well, it turns out that when someone signs up for an AOL.com account, the user appears to be allowed to enter up to a 16-character password. AOL's system, however, doesn't read past the first eight characters." This means that a user who uses "password123" or any other obvious eight-character password with random numbers on the end is in effect using just that lame eight-character password."

2 of 192 comments (clear)

  1. DES passwords by 1s44c · · Score: 0, Troll

    The fact that DES passwords are 8 characters long and anything over the first 8 is silently ignored is well known.

    Am I alone here in remembering the old slashdot? It used to be IT stories for IT professionals and hobbyists. Now it's dumbed down stories for help desk wannabes.

    Whats next? A story on how the letters look weird with the caps lock on?

  2. Re:Not alone by Joebert · · Score: 0, Troll

    You're all fired, we're switching back to Microsoft.
    There, problem solved.

    --
    Wanna fight ? Bend over, stick your head up your ass, and fight for air.