There's still a bunch of sites I run into that limit password lengths. I accept there has to be some limit, but if you're just hashing it and comparing it to a known value anyway it's really negligible compared to SMS 2FA rates, checking FIDO message signatures, or using some like SQRL/Google's new thing.
Phishing sites usually don't limit password field length so I ctrl+v the entire bee movie script in there a few dozen times then hit enter over and over until I get bored when I find one.
shit like this is why i only register with burner emails (or, in the case of this site, no email) if possible.
Also I always use 100 character long randomized passwords that are different on each site. Overkill? Yes. would rather be overkill
There's still a bunch of sites I run into that limit password lengths. I accept there has to be some limit, but if you're just hashing it and comparing it to a known value anyway it's really negligible compared to SMS 2FA rates, checking FIDO message signatures, or using some like SQRL/Google's new thing.
Phishing sites usually don't limit password field length so I ctrl+v the entire bee movie script in there a few dozen times then hit enter over and over until I get bored when I find one.