short_usernames_and_passwords

Andy Piper edited this page Dec 2, 2013 · 1 revision
Clone this wiki locally

Section 3.1 of the spec states:

It is recommended that passwords are kept to 12 characters or fewer,
but it is not required. 

The same recommendation is applied to usernames as well. This is embarrassingly short. People using MQTT in situations where storing a long password is a limitation will be aware of the fact. This doesn't mean that maximum password length recommendations should be given for everybody else.