It seems like the password limit is set to 60 characters so I’m unable to login to my instance. There probably should be no limit in the app because each server could have different limits set.

  • snoweOPA
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    1 year ago

    Mine is 100+. As far as I remember, there is no limit set for admin passwords.

      • snoweOPA
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Gotcha, well admin passwords are created without using the interface, so it would not be affected by the frontend limits anyway.

    • darklightxi@lemmy.worldM
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Hey there, like others have mentioned, I think this is a limitation on lemmy’s end which limits the password length up to 60 characters.

      This is the source code for lemmy’s backend if you’re curious. If you think this is not the case, feel free to create a new issue on GitHub and we can take a further look into this! Let me know if you need any more clarification :D

      • snoweOPA
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        I think that check must be bypassed for admin passwords, or it was instituted after I created programming.dev, because my password is 100 characters and I can log in on every other app perfectly fine. Even if that was the limit, it still should be enforced by the backend on login, not on the frontend, except for maybe initial account creation.

        • darklightxi@lemmy.worldM
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I think that check must be bypassed for admin passwords, or it was instituted after I created programming.dev

          That could be a possibility - we can do some tests to verify if that’s the case. I found this related issue which might indicate that all auth flows through the same logic.

          Even if that was the limit, it still should be enforced by the backend on login, not on the frontend

          Unfortunately, that might not be the case. Dessalines mentioned in this comment that the backend doesn’t truncate overly long passwords, and throws an error instead. Although, as you mentioned, this might be bypassed for admin users.

          Either way, I think we can take a deeper look at this and verify this information! Feel free to create a new issue for this on GitHub if you’re able to so that we can track this issue better.