basement blog

password fields with max character count

This post is part of the basement community 1-year anniversary blog event, this event's theme being "Internet usage". Come submit your blog post on the forums for a chance to win $50. We're friendly, I promise!!

Welcome to the first of many blog posts where I complain about really stupid things on Websites. First up: Password fields with max character counts set.

You've seen it before - password fields that have requirements for minimum length, containing a number and special character, etc. What shows up every so often is a password field that has a maximum length, and will enforce that by setting a maxlength property on the input element.

Here's a link to an example of what I mean

password field

For most people this wouldn't be a problem, but when you use a password manager to generate random passwords for you (and you really should), this means that in this example, any password you copy and paste into the field will automatically have everything after the first 15 characters chopped off.

password test

And the worst part about it is that because the password text is hidden when creating the password, you won't realize the pasted text isn't what you originally copied, so when attempting to sign-in with the too-long password, you'll end up having to reset your password and possibly going through the cycle again until you realize the password field isn't actually accepting what you're trying to paste into it.

incorrect password

So to all Web developers out there: use your brains a little bit and don't set password maximums when the user can't even see what is being pasted into the field.

like this post? discuss it on the forums at

or send me an email at!