('binary' encoding is not supported, stored as-is) I found out something in amazon.com . I made a new account username : 1abcat_private password 12345678 and tried to login with pasword : 12345678anything password: 1234567899999999 it lets me login . That means max password lenght for amazon is 8 chars . It truncts everything after 8 chars. and Amazon doesn't tell you to choose password of maximum 8 chars . I dont know security implications . But the information is useful if one is trying to bruteforce a account since he knows max password lenght is 8 char . Vishal .
This archive was generated by hypermail 2b30 : Thu Apr 18 2002 - 18:56:30 PDT