I’ve been using IF for 4 years now and can’t really complain about anything. Thanks for providing such a great service! Just one suggestion: I wanted to change my password into something really long and complex (25 random characters) but it is not possible to set passwords with more than 15 characters and only letters and numbers are allowed. I think this makes it unnecessarily easy for hackers to brute force the password hashes in case the data base gets compromised one day. Maybe it’s not a problem today but it might be in a few years if attackers have even better hardware.
The hosting account passwords are limited to 15 characters. Note that this is not an InfinityFree limitation but a platform limitation.
Please note that these passwords need to be used in many different services: database servers, FTP servers and the control panel itself. Not all systems may support longer passwords, but I’m not sure about that.
A 12-15 character password is typically strong enough for most use cases and hard enough to guess. After that, it becomes more important to implement other measures than longer passwords, like brute force protection and login lockouts, many of which are already setup by the way.
Should this become insufficient in the future, then we will take steps to further secure our services.