2 comments

[ 3.6 ms ] story [ 13.0 ms ] thread
Why have a maximum of 64 characters?
Yea, I think they (proton) just didn't properly read (misunderstood) the guidelines.

> 3.1.1.2 Password Verifiers

> ...

> 2. Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.

In other words, if you want to put a max length, don't put 20, put at least 64.