My browser isn't remembering the email or password for the login page at live.com, either for outlook.com email or the login for MS Answers. The password manager for Firefox is working on other sites (it asks me if I want it to save new passwords, and it inserts the password for sites already saved). I do have the same problem, whether in Firefox or Internet Explorer. Cookie management doesn’t seem to matter. This problem exists regardless of whether I clear out cookies, or have them saved.

I understand why a well established service such as Microsoft's Hotmail (or Outlook) would prevent passwords that are too short, but why limiting password length on the opposite side?

I am switching management of my passwords to a password manager that I set up to generate random passwords 18 characters long with all the possible special symbols. As an example:


That is a good process, because by changing your old passwords you learn about all the security holes in your previously used services.

So when I was changing my Hotmail account password I got this message:

Your password can't be longer than 16 characters.


What a dumb statement! Are they using something like DES encryption or a similar broken block cipher? Can someone explain this limitation to me?