Which suggests to me that MS stores plaintext passwords. Because a hash function doesn’t care about the length of what it’s hashing, the output will always be the same length, so they could verify a 300 character password with the same storage space as a 3 character password.
I use that command partially because Microsoft accounts don’t allow passwords as long as the password I like to use for my PC
are you a horse battery staple wizard
Correct
my man
Basically. It’s essentially a full-on sentence and last time I looked, Microsoft allowed about half the character length.
Well, at least they aren’t pretending to accept longer passwords but actually truncating it, like they used to in hotmail and live.
They were silently truncating the passwords to something like the first 16 characters, the rest was ignored.
Which suggests to me that MS stores plaintext passwords. Because a hash function doesn’t care about the length of what it’s hashing, the output will always be the same length, so they could verify a 300 character password with the same storage space as a 3 character password.