We're updating the issue view to help you get more done.Learn more

Passwords are limited to 20 characters.

Passwords "must be between 8 and 20 characters". 20 is too few for a decent passphrase.

There should be no need for such a low upper limit

  • it won't take any extra space in the database since all password hashes will be the same length

  • if the speed to generate a hash is an issue, surely it would only become so at something over 100 characters.

Status

Assignee

Alex Eng

Reporter

David Mason

Components

Sprint

None

Fix versions

Affects versions

server-3.7.0

Priority

Medium