| ||Tell HN: Zoom truncates passwords to 32 chars|
135 points by saimiam on April 1, 2020 | hide | past | favorite | 113 comments |
|I tried to reset my password to a random alphanumeric string, 64 characters in length.|
Initially, my password only had lower case letters and numbers. Zoom refused to allow me to use this string because it didn’t have any upper case letters. I figured they were only trying to help so I changed the last alphabet to upper case. Same error. I then thought that maybe they were expecting more than one upper case letter so I changed a few more letters in the second half of my password to upper case. Still the same error.
Annoyed, I changed the first few alphabets to uppercase and this time zoom accepted the new password.
I don’t recall what made me notice this but it turns out that zoom only takes in the first 32 chars of the password which it presumably stores in some hashed form in their backend.
While 32 chars is plenty long for a password, I just wish they’d mentioned this limitation on their website.
| Apply to YC