Make all fancy Azure blob storage with SFTP connection through firewall with dedicated public IP.

...to just find out that the webcameras you want to send stuff to the blob storage take in max 16 or 30 character passwords for sFTP. While the autogenerated passwords for SFTP in Azure are 32 characters long.

WHO THE HELL RESTRICTS PASSWORD LENGTH!? ASfjksdnfjksdjfnjksdakfadsnjkfjdsa

That's a costly container too.

Word of advice, if it's a pet project, look at scheduling the SFTP on/off on the container to save you some money.

"WHO THE HELL RESTRICTS PASSWORD LENGTH!? " - yesteryears idiots who store them as plain text.

The same people who once made me remove a comment that said something like /* password is too short */ because some head-up-your-arse robot saw "password is..." and thought there was a password stored in the code. They were like, we know the robot's wrong, but it won't hurt to take it out and then we can put a tick in the box.

I guess systems that have to reserve scarce space for any byte[] before knowing its contents do.

To many.

Had a webshop I wanted to shop from that not only restricted password length to 8 (yes eight) characters.

This signup form allowed more characters and the login form always responded with bad login for any password linger than 8 so trying to figure out why login failed took two separate contacts with customer service.

Thats next level stupidity, not only bad password policy but a broken implementation that makes it even worse to use

The real question is.. Why would YOU EVER use FTP or sFTP ? Like EVER !!

There are better ways, specially with Azure storage Apis.

@tosensei False. Even outlook.com limit password length.

I just tried to put a 15000 caracter string as a password.

Without ANY user feedback, it was truncuted to XX (I don't know how much) caracters.

So basiclly account is no longer acsessible lol !

@NoToJavaScript reminds me of a project we inherited recently.... the _login_ form had a password policy check enabled.

the fun part: it was much more restrictive than the policy check during registration...

@tosensei Personally, I push 'Entropy score" in my apps.

Basiclly, more you vary your input, less caracters you need.

@NoToJavaScript because you clearly don't deal with MNC's that think "on-prem" is secure and complain when FileZilla doesn't work.

Otherwise, yes you're right, when you are the user of the infra, there's better ways, when your not.... it gets ugly.

Could you have them request a short-lived SAS url giving access to your storage from an endpoint you set up that accepts a shorter password?

This is luckily for work and this was like the umpteenth solution I was trying.

Basically I'm limited by what connection options the cameras I have offer, and I have three types of cameras so I want a universal application...

But screw these ready doodle blocks. I'm now writing a code that connects to the cameras based on their ONVIF (ok, still need to check if one of them supports it even if it's a STANDARD) and then streams the feed to Azure.

Hopefully I'm getting all the built in capture triggers to go with it, otherwise I'm screwed and I can just trash these cameras and move under my desk to cry.

And yeahhh, I was forced to pick out these cameras within the first two weeks of my employment in the current organization & project. I had no idea about camera connection options or anything like that. They capture automatically pictures of the license plates as asked! I still don't know anything, more than before but I'm still a noob.

Like all my three cameras even came without a power supply. Like I didn't even realise that's a thing. >.> I'm reading the fine print now.

@NoToJavaScript basically, i don't give a shit.

if the user decides to use a crappy password like "password", it's their prerogative.

everybody is entitled to shoot their own foot if they so desire IMHO.