I have been trying for days to log in. No matter what I do, I keep getting could not connect to [server]. I tried for days and it didn’t work.
Then I realized. I have a password manager installed, and I let it pick its longest password length (100 characters). I reduced it to 32 characters, and my login immediately worked.
Lemmy itself supports huge passwords, but it seems as if mlem does not. I do not know how long your password can be before mlem pukes on its own shoes, but it’s somewhere between 32-100 haha.
I also had a problem where Mlem was failing to log in, but for me it’s that I was logging in with my email address. Once I switched to using my username, it worked fine.
I had a similar issue with a long password when I first signed up.
I think I saw a bug report related to this, so it’s probably getting resolved
The web UI trims passwords to 60 characters. I assume Mlem doesn’t and the API doesn’t either or just flat out rejects the request if the password is too long.
Wow, trimming passwords without telling the password owner is a terrifying behavior.
Also, having a password limit at less than 256 chars is silly in the modern world of password managers, and even 256 is a completely arbitrary limit i pulled out of my ass.
Why does the lemmy platform require short passwords, i wonder? nobody with any sense of modern, or even out-dated decades ago, sense of security stores passwords raw anymore, and hasn’t forever because it was recognized as a terrible idea and a bad pattern decades ago.
I mean there needs to be a limit, because hashing a password is, by design, resource intensive. Also, Lemmy uses bcrypt for password hashing which supports up to 72 bytes, so the limit can’t be any higher than that. It should probably be indicated somewhere though, I agree. I was also caught off guard by it but realistically 60 characters is more than enough… it’s more entropy than the hash you get out of it, if it’s random.
For me it was that when I used my email, but when I used my username it worked.