Why there is limit on some fields (email address)

[Deleted]

Why there is only 30 char or so limit for email address, since email address can get longer? Is someone sponsoring short emails that longer (more hilarious) mails are blocked? Does world have to be dull place where you are limited to boring stuff? Even email can be fun.
Is there reason behind limiting email address length? Or just coders don't know how long email address can really be?

Or some other sites =((===>><>FORCE<><<===))= you to have P4ssw0rd#, instead of "thisisreallyeasytorenember" and more secure than "<0|\/|plex" password?
Or my personal favorite is just plain "passwd" easy fast to type. There should be tick i understand that this is short password and i don't give a damn if it get hacked or stolen.

[Radio]

It could be an original design decision that just stuck around, or it could be a preventative measure against false accounts.

EDIT: This doesn't seem to apply to mmo-champion after doing a self test, and I'd be leaning towards shitty design as Don Vito below mentioned.

[Deleted]

it has to do with shoddy design. if you make a database with an email field, you need to define a maximum length for that field. some devs put a too short length in there.

[Radio]

Or some other sites =((===>><>FORCE<><<===))= you to have P4ssw0rd#, instead of "thisisreallyeasytorenember" and more secure than "<0|\/|plex" password?
Or my personal favorite is just plain "passwd" easy fast to type. There should be tick i understand that this is short password and i don't give a damn if it get hacked or stolen.

Well sites would prefer that your account(s) were not stolen because they don't want for example spam bots infesting the site through existing users. So they enforce password security features.

I do find it odd that some websites enforce between 8 to 16 characters and such, because as you said length of password can be the biggest factor in security as long as you maintain at least some presence of lowercase, uppercase, symbol and numbers.

Eg:

thisisareallylongpasswordman is fairly secure, though can possibly be guessed by hueristic password generators with dictionary processing.
Pa55! is complex but short, so not really secure.
Th1sisareallylongpasswordman! should still be easy to remember, forces password crackers to use the entire ASCII range, and has the length advantage, the only downside is that it still uses dictionary words.

You can always add salt/padding to your passwords...

Eg:

D0g................................... as a password, I saw that exact password given as a security example once, don't use that one though.

[Deleted]

What about passwords? This site works fine with passwords but, i have my trusty "passwd" (not real but just example) and sites that force you to use PAssw0rd is kinda annoying since you forget which site had what, and then you start using password manager (even less secure but hey idiots thought that their site is only site in the world).
Some people store their passwords on plain text (old skool paper in drawer format). Then there are password managers, cloud synced password managers (i currently use).
For games i use my microsoft sidewinder macro support to fill out passwords for games like SC2/D3/WOW. Because i was forced to use complex passwords.
I think if someone really wants to hack it it will be hacked.

This puts user to complicated situation

1. you realize you can't use same password for every damn site! (but you still can to some degree)
So here's what i do:
1. passwd - useless sites/sites i don't care much about losing/ site that probably store password in plain text (they usually mail you your password in text format in mail confirmation)
2. Passw0rd - for sites that i don't feel like losing
3. F#%d5@51! - stored in cloud password archive for sites that are really important (i payed cash to get in/games)
4. Pa5$w0rdQDJHhsu#0ng - used for bank accounts/cloud password archive access (memorized only)

Dictionary attack? B1tch please! What dictionary?
hellovolamsajankoundichbinbose

Not even google can detect language in the middle

"Imsoangryandidontwanttousepasswordanymore!" - Can dictionary attack crack this? Even without "!" or capital I?

[Radio]

The password I use and type in manually for WoW would take, assuming one hundred trillion guesses per second, 1.49 million centuries to guess.

https://www.grc.com/haystack.htm
^^ amazing site

[Deleted]

Ok i tested my battle password: on https://howsecureismypassword.net/

It would take a desktop PC about 12 trillion(stupid short scale)/12 billion(proper long scale) years to crack your password.

12 000 000 000 000 years or 1 200 000 million centuries to guess.

Or 1 brain scanner an hour? Or 30 minutes of torture? Or few hours of blackmail/kidnap family and threat to kill them unless you tell them password?
Or few years to infiltrate blizzard and get into security database and reset password to whatever they want.
I mean cracking is probably the lamest way.

Or according to GRC for my password format: aaaaaaaa000000## (bnet password format)
Online Attack Scenario:
(Assuming one thousand guesses per second) 85.17 thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 8.52 hundred million centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 8.52 hundred thousand centuries

Or according to GRC for my password format: Aaaaaaaa000000## (actual password format)
Online Attack Scenario:
(Assuming one thousand guesses per second) 14.14 million trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.41 hundred billion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.41 hundred million centuries

Radio password is: 19 chars long lowercase+numbers only
Possibly: aaaaaaaaaaaaaaa0000

[Linkedblade]

The password I use and type in manually for WoW would take, assuming one hundred trillion guesses per second, 1.49 million centuries to guess.

https://www.grc.com/haystack.htm
^^ amazing site

Battle.net passwords arent case sensitive. Dont know if that would change your assumption any.

[Deleted]

Battle.net passwords arent case sensitive. Dont know if that would change your assumption any.

Really? never heard of that before. I HAVE to try that when I get home...

[Deleted]

Really? never heard of that before. I HAVE to try that when I get home...

Dude, that's so old, i argued with some random GM/CS about that, why the hell they want numbers in password, when those assholes ignore case?

[Themius]

The password I use and type in manually for WoW would take, assuming one hundred trillion guesses per second, 1.49 million centuries to guess.

https://www.grc.com/haystack.htm
^^ amazing site

I like that. I was just wondering yesterday how long it would take to my encryption password. My steam password is even more ridiculous.

Online Attack Scenario:
(Assuming one thousand guesses per second) 9.88 hundred million trillion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 9.88 trillion trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 9.88 billion trillion centuries

and my steam passcode:

Online Attack Scenario:
(Assuming one thousand guesses per second) 11.85 million trillion trillion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.18 hundred billion trillion trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.18 hundred million trillion trillion centuries

---------- Post added 2013-05-22 at 08:05 AM ----------

Not even google can detect language in the middle

"Imsoangryandidontwanttousepasswordanymore!" - Can dictionary attack crack this? Even without "!" or capital I?

My password is a mixture of four languages, it's kind of too long to remember lol.

[Deleted]

I'm using a 4 word password for my job Active Directory account that I only use for GW2 besides that. When I wanted to use that 4 word password for a job-related account, it didn't work because it was too long. it also only accepted 16 characters.

[Ryme]

http://xkcd.com/936/

All I can think of when going through this thread.

[Deleted]

http://xkcd.com/936/

All I can think of when going through this thread.

I made my topic based on that, i read that long time ago but still it inspired me to make this topic.