Re: Sometimes I can't use a long password
"Come now, you're exaggerating. The only institutions using simple rules capped at 8 characters are the unimportant and trivial ones where security isn't really a concern, like banks. Oh, hang on."
The UK Gov's National Savings & Investment (NS&I) website did until fairly recently have a maximum password length of 8 characters. They did change it last summer to a longer limit of (IIRC) twenty characters. Much better.
Another annoying trick that many websites use is not to reveal the password composition rules until AFTER you've typed in your new proposed password. Then they tell you it's a maximum of 10 characters, limited special characters, and only lower case letters or something equally silly.
Biting the hand that feeds IT
