Hotmail No Longer Accepts Long Passwords, Shortens Them For You
An anonymous reader writes "Microsoft doesn't like long passwords. In fact, the software giant not only won't let you use a really long one in Hotmail, but the company recently started prompting users to only enter the first 16 characters of their password. Let me rephrase that: if you have a password that has more than 16 characters, it will no longer work. Microsoft is making your life easier! You no longer have to input your whole password! Just put in the first 16 characters!" At least they warn you; I've run into some sites over the years that silently drop characters after an arbitrary limit.
Seriously, who THE FUCK cares?
This reveals that they are storing the passwords in cleartext.
You cannot make such a change on hashed passwords!
If you chop only 16 characters, you will not compute the same hash as before.
Storing the passwords in cleartext means that if they are compromised, the passwords are available to the intruder without having to crack hashes.
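The following is an added example, not part of the thread and not Microsoft's code. It shows how verification of a 16-character prefix behaves under two storage designs: a salted hash of the full password, and a store that drops everything past 16 characters before hashing (the silent-drop behaviour mentioned in the summary). The function names, the PBKDF2 parameters and the sample password are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

LIMIT = 16            # the 16-character limit from the story
ITERATIONS = 100_000  # assumed work factor for this example


def _derive(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 digest of the given password material."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enroll(password: str, truncate: bool) -> tuple[bytes, bytes]:
    """Return (salt, digest). With truncate=True only the first LIMIT chars are hashed."""
    salt = os.urandom(16)
    material = password[:LIMIT] if truncate else password
    return salt, _derive(material, salt)


def verify(attempt: str, record: tuple[bytes, bytes], truncate: bool) -> bool:
    """Check an attempt against a stored record using the same truncation policy."""
    salt, digest = record
    material = attempt[:LIMIT] if truncate else attempt
    return hmac.compare_digest(_derive(material, salt), digest)


def demo() -> dict[str, bool]:
    full = "correct horse battery staple"  # constructed sample, 28 characters
    first16 = full[:LIMIT]
    full_store = enroll(full, truncate=False)   # hash covers all 28 characters
    trunc_store = enroll(full, truncate=True)   # hash covers the first 16 only
    return {
        "full-hash store, full password": verify(full, full_store, False),
        "full-hash store, first 16 only": verify(first16, full_store, False),
        "truncating store, full password": verify(full, trunc_store, True),
        "truncating store, first 16 only": verify(first16, trunc_store, True),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

A store that hashed the full password rejects the 16-character prefix, while a store that always truncated before hashing accepts it, along with any longer password sharing those 16 characters.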