In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)
Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.
That is a huge red flag if ever given as a reason, you never store the password.
You store a hash which is the same length regardless of the password.
Although at some point you’ll get collisions, but I don’t think that’s actually an issue. It still equally hard to guess a password from the hash, there will just be some solutions that are much longer than others.
Youre right lol. I forgot that hash lengths are different from the actually password length.