So, this WordPress security update is important of course. But included in the article below is a very amusing note that WordPress also instituted a maximum password length of 4096 characters. Surely that’s to avoid a denial-of-service as an attacker pushes a multi-megabyte password through the server crypto. But really, a 4096-character password? I hope you’re using a password manager for that one!
Originally shared by Naked Security
WordPress users – make sure you’ve upgraded.