Fun fact: wizzair.com let's you set a long password, but behind the scenes it truncates it to 16 characters (because obviously every byte is precious these days, I guess?).
When you try to log-in with your long long password, it fails. You have to *know* to truncate it yourself to 16 chars.
This is a major airline in 2019.
@bjarni fun fact, Íslandsbanki had the same issue, and when I reported it initially they just pretended that it's not a problem (eventually they recognized is as an issue and promised to fix it).
@rysiek I bet 99% of their customers have shorter passwords, which is kind of depressing in 2019.
It also suggests that they’re not hashing your password.
@rysiek Comment from a friend of mine:
This also suggests that they're storing your password in plaintext in their database; if they were hashing it, they wouldn't need to care about the length of the original string. I've seen it suggested that storing unhashed passwords is a GDPR violation.
@rysiek I had the same in polish bank mbank. I had no idea, because it was also truncating when logging in. I learned when installed phone application that was not truncating.
@rysiek paying for the latest mainframe upgrade is expensive I guess...
@DrWhax let's hope they treat their airframes better than their mainframes...
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!