🅿🅸🆇🅴🅻@lemmy.worldtoPrivacy@lemmy.ml•Signed up for Equifax to freeze my credit, password can not be longer than 20 characters
22·
29 days agoA hash has a fixed length, including MD5. There’s no reason to cap password (input) Iength. You can hash the whole bible and still get the same length hash. So either they don’t even hash it, they’re idiots, or they try to be unnecessarily cautious to avoid some other limit / overflow, like POST max size (which would still be counted in at least KB, not several characters). The limit on what special characters you can use is also highly suspicious - that’s not how you deal with injections / escaping your inputs.
I second the idea of a VPN instead of directly exposing devices or software to the internet. Requires more work and learning but it’s more secure. I would argue that well-known VPNs are more scrutinized and pentested than any camera software ever.