Dear wine.com,


Please fire the web designer who thinks there should be a maximum password length (16) on your site. There are only two possibilities for this stupidity:

  1. you’re storing cleartext passwords rather than a hash.
  2. your webclowns don’t realize that the length of a salted hash has no relationship to the length of a user’s password.

I’d prefer to believe #2, but since there’s a good chance of #1, I won’t be leaving a credit card on file…


Comments via Isso

Markdown formatting and simple HTML accepted.

Sometimes you have to double-click to enter text in the form (interaction between Isso and Bootstrap?). Tab is more reliable.