|
|
|
|
|
|
by avidiax
893 days ago
|
|
|
Max character counts and disallowed characters are a really strong sign that the site is transmitting or storing the password in plain text. It takes essentially no effort to base64 encode a text field of arbitrary length and contents. If you are salting and hashing that password before storing, you would also not care about the contents or length of the password. |
|
|