> > I don't understand why modern security systems have an upper limit on > > passphrase length. > > Because people can't remember passwords, and companies don't like > employing full-time password changers.
i don't understand this comment. the length of a password is only vaguely related to memorability. long english phrases are easy to remember. unfortunately, they are also easy to harvest automaticly, so "four score and seven years ago" might be a bad password. - erik
