Guild Wars 2

The GW2 client’s password field and the password field on official websites (and probably GW1’s client) are sanitizing inputs differently. The result is that users can log in to some but not all of these services with certain passwords.

I wanted to try a 100-character password. After successfully changing my password, I found that I could use this new password to log in to the website but not into GW2’s client.

I had this problem before the change to 100-character maximums, and learned then that the websites and GW1 client were truncating password changes and password inputs down to 15 characters, but the GW2 client would send longer passwords.

Clearly, either the official websites or GW2’s client (but NOT both) is now truncating passwords to something less than 100 characters.

I think two changes need to be made.

1. Password input needs to be handled consistently. If the website truncates it, the client should too and vice versa—I’d prefer no hidden, black-box changes to our secure password changes/input though.

2. Users need to be warned when they attempt to change their password to something beyond the limit, or attempt to input a password beyond the limit, that it will be truncated. It is crazy that we could successfully update our account and as a result, no longer know what our password is.

I am sticking with 15 character passwords for now.

Yeah, I’ve never entirely understood why companies can be so inconsistent and why it’s so difficult to be transparent about the password restrictions.

I recently went through my lists of passwords and updated all of them to a length that the majority of sites seemed to be able to manage. I had however totally forgotten about the hidden password restriction issue in GW1, so when I updated my GW2 password to something far longer I could no longer log into the linked GW1 account… it took me a while to remember that, oh yeah, there was that “password cut-off at 15 characters thing”. I grudgingly had to change the password back.

I wasn’t aware that GW2 had decided to repeat this mistake – seems they just never learn. At least it’s upto 100 characters this time and not just 15.

Also, while we’re on the subject of passwords, what the hell is up with all of these companies lately that are blocking copy-paste in the password change / creation fields? I’m not just talking about flaky copy-paste support, but purposely preventing you from pasting anything into the password field, while all other fields work fine. I get the feeling like someone is trying to (futilely) protect idiots from their own stupidity here, while making life needlessly difficult for the rest of us.

Amarinth.8534:

At least it’s upto 100 characters this time and not just 15.

I don’t really know because I did not take the time to test around with it. For all I know, the GW2 client or official websites could still be truncating down to 15 characters which is why my (allegedly) 100-char password wasn’t working on both.

Also, while we’re on the subject of passwords, what the hell is up with all of these companies lately that are blocking copy-paste in the password change / creation fields?

Very frustrating. My work around for these has been to set up KeePass to type into those fields since I cannot paste into them.