I've noticed that websites have started getting ridiculous with password requirements. I like to use the same password for everything, so I don't get confused about which account has which password. It's a pretty good password. It's a combination of letters and numbers and it's 8 characters long. But it seems like as time goes on, 8 characters just isn't good enough anymore. Now websites want you to include letters and numbers, with at least one of them being in caps. Or maybe they want you to have the first character being a letter, which means I have to change my 8 character password, because it doesn't start with a letter. Or maybe 8 characters isn't long enough anymore. They want you to have 15+ characters for your password. That's what my school password is. I had to basically double my old password. Another school I used to attend, but I still took classes at after graduating, requires you to change your password every once in a while. I guess that keeps everyone out of your account, including you, when you inevitably forget which password you chose for that specific time frame. I just finished changing my Ebay password, because my old password wasn't working. They could have simply just told me my password in the email instead of forcing me to change it. You'd think I could have used my standard 8 character password, since that obviously wasn't correct when trying to log in. Well, when I tried to use that, the website tells me I can't use passwords I've already used. So if I've already used that password... and I can't use that password to log in... then what's going on? They basically said "You can't make that your new password, because that's your current password." Yet it won't work when I try to log in. That's absurd. I guess that's not really a problem with passwords, it's a problem with Ebay. But that was the impetus behind this thread. When I was making my new password, it said my 8 character password was weak. I remember when I was a kid, I had 5 character passwords that were actual words. Websites would say that it was weak, and I agree. Now, my 8 character password is a combination of random letters and numbers and websites considered it strong. Now it's weak. Is it really the character limit that's making people's accounts get stolen? Or is it keyloggers or some such programs that copy what you're typing as your password, and let the hacker know what it is? If that's the case, then your character limit can be 20 characters, and it doesn't matter. Are websites making the character limit so high just to give the users a false sense of security? I think so. This isn't just a rant, this is a legitimate concern that eventually we're going to have to write our own novels, and use that novel as our password; a minimum of 50,000 characters.