Why do so many companies and people say that your password has to be so long and complicated, just to have restrictions?

I am in the process of changing some passwords (I have peen pwnd and it’s the password I use for use-less-er sites) and suddenly they say “password may contain a maximum of 15 characters“… I mean, 15 is long but it’s nothing for a password manager.

And then there’s the problem with special characters like äàáâæãåā ñ ī o ė ß ÿ ç just to name a few, or some even won’t let you type a [space] in them. Why is that? Is it bad programming? Or just a symptom of copy-pasta?

  • Big P@feddit.uk
    ·
    1 year ago

    Some of the restrictions are there to try and protect users from themselves. Most people don't want to put a space in their password so it's assumed it was a mistake when they do.

      • Big P@feddit.uk
        ·
        1 year ago

        Just my general experience, I mean how many passwords from leaked password lists contain spaces? The general understanding of passwords is that they contain no spaces

        • bromine@lemm.ee
          ·
          1 year ago

          I mean how many passwords from leaked password lists contain spaces?

          Eh... There are no passwords with spaces in the leaks, because hardly any service allows it? After all, that's what this whole thread is about.

          • Big P@feddit.uk
            ·
            1 year ago

            I'm sure it's a chicken and egg situation then, a few services do allow it but I've never come across someone using it intentionally outside of people doing it specifically because it's uncommon