Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
@Bobj2008 it's arbitrary. 10 characters is too free though.
Suppose you make a hard method to hash passwords that takes 1 second per average 8 character password on your hardware. If 100 people decide to authenticate at the same time with 80 character passwords, the server will have 1000 effective seconds of work to do, instead of just 100.
Or maybe I'm wrong and they're just stupid and irresponsible -
Because 98% of the engineers whould pick pi as their password. Not so safe after all!
-
F9lke3127y@AndSoWeCode Fortunately, there are Nginx server that are optimized to handle numerous requests at the same time.
-
@F9lke it's not about nginx. It's not like nginx makes 100 computers pop up right away to start computing hashes.
-
F9lke3127y@AndSoWeCode I am not saying that Nginx is the solution for the problem, but that it is optimized for that purpose.
-
@F9lke and I'm saying that nginx has nothing to do with this. nginx is just the program handling the http/https bullshit. Nothing to do with passwords.
Related Rants
Why do some websites have password limits? I want to have unlimited characters for my password.
random
unlimited
passwords