Thanks so much to everyone checking it out already! This would be a fine place to ask questions if anything is confusing about it or anything. Or if you want to rip the whole idea to shreds, by all means, bring it on! :)
When signing up, I was told the password I tried to use was too long (I have unique, randomly generated, passwords for each site I use). so I generated a < 20 chars password instead—however, password length limits around this size suggest that the site might be storing the passwords as plain text, rather than only storing a salted hash of the password.
That’s stupid of us to limit password size—especially after all the “correct horse battery staple” discussion! [ http://xkcd.com/936 ]
But we’re using the Devise module in Rails and definitely not storing in plaintext or anything too idiotic. Definitely need to change whatever stupid Devise default limits password length though. Thanks for pointing it out!
When signing up, I was told the password I tried to use was too long (I have unique, randomly generated, passwords for each site I use). so I generated a < 20 chars password instead—however, password length limits around this size suggest that the site might be storing the passwords as plain text, rather than only storing a salted hash of the password.
It sounds like you have little to worry about even if the password storage is lax!
Thanks so much to everyone checking it out already! This would be a fine place to ask questions if anything is confusing about it or anything. Or if you want to rip the whole idea to shreds, by all means, bring it on! :)
When signing up, I was told the password I tried to use was too long (I have unique, randomly generated, passwords for each site I use). so I generated a < 20 chars password instead—however, password length limits around this size suggest that the site might be storing the passwords as plain text, rather than only storing a salted hash of the password.
So I was wondering, if that’s the case here?
Fixed. No more limit. Correct away on your battery horse’s staples.
That’s stupid of us to limit password size—especially after all the “correct horse battery staple” discussion! [ http://xkcd.com/936 ]
But we’re using the Devise module in Rails and definitely not storing in plaintext or anything too idiotic. Definitely need to change whatever stupid Devise default limits password length though. Thanks for pointing it out!
The source code is public. Delve away.
It sounds like you have little to worry about even if the password storage is lax!
Oh, it’s actually a private github repository currently. Talk to us if you want access to it though!
Just occurred to me you may have been thinking of TagTime, which is indeed open source: http://github.com/dreeves/TagTime
For the ‘Slug’ value I entered “Sleep” and I was told only letters and numbers could be used. I entered “sleep” and it worked.
Ha, oops! On it; thanks so much for the bug report!