Re: Amazon.com Password limit

[jon schatz <jon () divisionbyzero com>]

On Wed, 2002-04-17 at 19:24, Vishal Ganeriwala wrote:
> That means max password lenght 
> for amazon is 8 chars  . It truncts everything after 8 
> chars. and Amazon doesn't tell you to choose 
> password of maximum 8 chars .  I dont know security 
> implications . But the information is useful if one is 
> trying to bruteforce a account since he knows max 
> password lenght is 8 char . 

On a similar note, I was trying to login to a MSN account via gaim. I
tried my hotmail email account as a username, and used my password. No
dice. After playing around for a while, I found that the limit for
Passport passwords is 15 characters (mine was longer). This is
(obviously) much more difficult to brute force than an 8 character
password, but unpublished password limits piss me off.

-jon

-- 
jon () divisionbyzero com || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus? www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing."

Attachment: signature.asc
Description: This is a digitally signed message part