In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)
Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.
I understand a cap of like 64 characters or something to keep storage space down for a company with millions of users. other than that it doesn’t make a ton of sense.
That is a huge red flag if ever given as a reason, you never store the password.
You store a hash which is the same length regardless of the password.
Youre right lol. I forgot that hash lengths are different from the actually password length.
You never store passwords. They should be hashed and salted.