Allow for creating passwords longer than 117 characters

Question

Allow for creating passwords longer than 117 characters

sebastian-bugajny opened this issue 3 years ago · 2 comments

Is there a chance to extend max length of password to more than 117 characters. It's critical as in many cases we hit that limit.
Version where this limitation has been noticed is: 3.1.1

Answer 1 · 2022-04-26T13:18:50.000Z

This would be really good update. I would not mind to save RSA keys as passwords. Base64 encoded file will take about roughlu 3500 characters.

I use API quit a bit, so ability to add file would be an option, but I do consider RSA key as password.

Answer 2 · 2022-06-18T15:37:00.000Z

Hello, this limitation comes from the RSA encryption that is performed before sending the password to the sysPass server (later it'll be decrypted and encrypted again using AES-128). If you need to store longer passwords you need to use encripted custom fields because they aren't encrypted before sending.

The RSA encryption is useful when the transmission channel is not secure (HTTP), you may think your client (browser) might be secured using HTTPS, but it could happen that you're behind a proxy, and the connection between the proxy and sysPass server is done in plain HTTP.

Regards