Something I just can't get my head around is why some websites have ridiculous limitations regarding password strength. A few examples from my personal experience:
- Google didn't accept passwords that contain the character
- Samsung allows special characters, but only 16 chars maxskillmine
- My online banking account allows passwords with upper- and lower-case letters and digits, but only the special characters @ and space; altogether maximum 20 chars.
- Many other websites restrict password length to somewhere between 16 and 32 chars.
Is there any valid reason for companies/websites to be so restrictive?