549
NIST proposes barring some of the most nonsensical password rules
(arstechnica.com)
This is a most excellent place for technology news and articles.
I recently set up a password with a 16 character max, alphanumeric only, no spaces. The service is in no way a security threat but still.
A couple years ago I ran into one with a 12 character limit...
I never understood password limits, other than something sufficiently large like 256 to prevent DOS. It's not like the password is actually being stored anywhere... right? RIGHT??