I spent yesterday some time rotating my passwords and I found out that the Apple Id passwords are limited to 63 characters maximum.<p>Googling, I found nothing about this topic.<p>Then I went to the Apple StackExchange (probably not the right place) to ask about it without success (https://apple.stackexchange.com/q/387364/263000).<p>I'd like to see the potential technical reasons why a company would go for such design - rather than needing anyone from Apple sharing such internal details (as the guy at StackExchange replied).<p>Thanks!
It’s prudent to have some limit, to protect against long password DoS attacks (<a href="https://www.acunetix.com/vulnerabilities/web/long-password-denial-of-service/" rel="nofollow">https://www.acunetix.com/vulnerabilities/web/long-password-d...</a>). 63 is such a limit and long enough to allow users to pick secure passwords.