An incomplete, rough archive of websites' maximum password lengths. I make no guarantees of accuracy - these are largely sourced from my password manager, since I set my passwords as 256 by default and shorten them until they fit. As a result, an allowed length >256 chars may be missed.

WebsitePassLengths.md

Format

website: length (date of check - YMD) - special notes (if any)

Email Providers

• GMail: 100 (2018-09-23)
• Outlook: 16 (2018-09-23)
• Yahoo: 23 (2018-09-23)

Website Accounts

• Ableton: 128 (2019-11-02)
• Adobe: 12 (2018-09-23)
• Amazon: 256+ (2018-09-23)
• Apex MC: 256+ (2019-08-29)
• Apex MC Mluticraft Control Panel: 14 (2019-08-29)
• Atlassian: 100 (2019-11-27)
• Backblaze: 50 (2018-09-23)
• Bandcamp: 32 (2018-10-10)
• Bleep: 256+ (2018-10-11)
• Blizzard (Battle.net): 16 (2018-09-23)
• Boomkat: 128 (2018-10-11)
• Caffeine: 72 (2018-12-31)
• Canada Computers: 16 (2018-09-23)
• Cool Shirtz: 30 (2019-11-06) - Shopify site
• CRYENGINE: 64 (2018-12-28)
• Dafont: 50 (2018-09-23) - They let you set it to any length, but when you login the max you can input is 50, so you can accidentally lock yourself out of your account
• Dan Carlin: 256+ (2019-09-03)
• dbrand: 128 (2019-01-02)
• Desmos: 200 (2018-12-05)
• DigitalOcean: 256+ (2018-09-23)
• Discord: 128 (2018-09-23)
• Disqus: 256+ (2018-09-25)
• Dochub: 128 (2019-01-05)
• DuckDuckGo Settings Password: 256+ (2018-10-09)
• EA (Electronic Arts): 16 (2019-08-15)
• Elemental Knives: 32 (2018-11-16)
• Epic Games Store: 256+ (2018-09-23)
• EVGA: 256+ (2018-12-26)
• Festival of the Spoken Nerd: 256+ (2019-03-07) - Shopify site
• Frontier: 256+ (2019-04-19)
• Fabrizio Schiavi Design: 128 (2019-10-03)
• G2A: 48 (2019-07-22)
• Get.Store: 15 (2019-08-23)
• Github: 72 (2018-09-23)
• GOG: 256+ (2019-02-22)
• GTA5-Mods: 128 (2018-10-13)
• Habitica: 256+ (2019-02-06)
• Honey: 1024+ (2019-11-14)
• Hulu: 256+ (2019-10-23)
• Humble Bundle: 256+ (2018-11-16)
• Imgur: 16 (2018-09-23)
• Instagram: 255 (2019-05-10)
• Intuit: 256+ (2019-02-06)
• JetBrains: 256+ (2018-09-30)
• Junodownload: 15 (2018-09-30)
• Just Cause 3 Mods: 14 (2018-09-25)
• Kijiji: 64 (2018-12-25)
• Kongregate: 32 (2018-12-21)
• LinkedIn: 200 (2019-11-09)
• Made With Mischief: 256+ (2019-09-12)
• Mathsgear: 256+ (2019-03-07) - Shopify site
• MEGA: 256+ (2019-11-11) - Password strength checker freezes the browser for 1-2 minutes with 256-length password
• Metallica Store: 32 (2018-09-30)
• Mojang: 256+ (2018-09-23)
• Mozilla: 256+ (2019-11-09)
• Namespro: 60 (2018-09-23)
• Netflix: 60 (2018-09-23)
• Nexus Mods: 30 (2018-10-24)
• Nintendo: 20 (2018-09-30)
• NVIDIA: 14 (2018-09-24)
• OnePlus: 16 (2019-11-02)
• Parsec: 256+ (2018-10-19)
• Patreon: 256+ (2018-11-04)
• Paypal: 20 (2018-11-18)
• Planet Minecraft: 30 (2019-05-20) - Password strength checker freezes the browser if a long password is input, even if the password is too long to be accepted in the first place
• Pocketmags: 20 (2018-12-16)
• Postman: 64 (2019-11-05)
• Privacy.com: 32 (2018-09-23)
• Public Mobile: 16 (2019-09-21)
• Razer: 256+ (2018-10-18)
• Reddit: 256+ (2018-09-24)
• Roblox: 20 (2018-09-23)
• Skype: 32 (2018-10-14)
• Slack: 32 (2019-09-12)
• Snapchat: 32 (2019-05-10)
• Social Club (Rockstar Games): 30 (2018-09-23)
• Socialblade: 63 (2019-01-20)
• Soundcloud: 64 (2018-09-23)
• Spotify: 256+ (2019-07-09)
• Stack Overflow (and Stack Exchange in general): 256+ (2019-09-07)
• Steam: 64 (2019-01-05) - I believe the website allows 100(?) but the desktop client can only input up to 64
• StudentBeans: 128 (2019-11-02)
• Trello: 256+ (2018-09-30)
• Twitch: 64 (2019-08-15)
• Twitter: 256+ (2018-09-23)
• Ubisoft: 16 (2018-09-23)
• Unity: 64 (2018-12-28)
• Vimeo: 72 (2018-09-23)
• Wolfram: 256+ (2019-09-13)
• Yandex: 255 (2019-11-11)

Banking

• BMO: 6 (Sometime 2016) - I have heard they have since increased it, but I am no longer with them and therefore cannot verify
• TD: 32 (2018-09-23)

Some Notes

• If anyone has any they would like to contribute, I'm open to contributions. An easy way to find the maximum length for some websites is to use the browser's 'Inspect Element' on the password field, and look for a maxlength attribute on the password input. Otherwise, the other option is to just input a password of absurd length and shrink it until it is accepted.
• Maybe one day when I get really bored I will go back and re-check the websites marked as 256+ and try to narrow down an actual max length. I believe 256 is the max for some of them, but it has been too long to be sure which ones.
• The reason the oldest date (and most common) in the list is 2018-09-23 is because that was when I fully transitioned to a password manager and updated all of my passwords.