Skip to content

Instantly share code, notes, and snippets.

Last active January 31, 2021 05:11
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
An incomplete, rough archive of websites' maximum password lengths. I make no guarantees of accuracy - these are largely sourced from my password manager, since I set my passwords as 256 by default and shorten them until they fit. As a result, an allowed length >256 chars may be missed.


website: length (date of check - YMD) - special notes (if any)

Email Providers

Website Accounts


  • BMO: 6 (Sometime 2016) - I have heard they have since increased it, but I am no longer with them and therefore cannot verify
  • TD: 32 (2018-09-23)

Some Notes

  • If anyone has any they would like to contribute, I'm open to contributions. An easy way to find the maximum length for some websites is to use the browser's 'Inspect Element' on the password field, and look for a maxlength attribute on the password input. Otherwise, the other option is to just input a password of absurd length and shrink it until it is accepted.
  • Maybe one day when I get really bored I will go back and re-check the websites marked as 256+ and try to narrow down an actual max length. I believe 256 is the max for some of them, but it has been too long to be sure which ones.
  • The reason the oldest date (and most common) in the list is 2018-09-23 is because that was when I fully transitioned to a password manager and updated all of my passwords.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment