Most operators of crypto exchanges continue to think that SMS authentication is a good thing, and some of them force their users to activate it.


You know what's even dumber than that? - Limiting the number of characters for a password.

Some exchangers limit it to 16 characters, and some in addition do not allow special characters for your password.

@TheFuzzStone >passwords

Why do we use passwords?

Jesus, hasn't anyone heard of asymmetric encryption? Public and private keys.

@TheFuzzStone So limiting passwords length can make sense on a server side to prevent denial of service attacks but it should be a much higher limit than 16 (we're talking at least 32 characters more like 100+)

@lyndon Only a few centralized crypto services allow passwords greater than 32 characters.

The rest are just idiots. I can't find any other definition.

@TheFuzzStone It's a bit mad. I mean my Brick and Mortar bank limits passwords to less than 16 characters I think which is mad. NIST recommend long passwords over complex ones, and UK's Cyber Security Centre the same:

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.