Bump up shared secret limit to 512? #119

Open
DimitriPapadopoulos opened this issue May 8, 2024 · 2 comments

Comments

@DimitriPapadopoulos
Contributor

In practice, I doubt anyone uses shared secrets of more than 256 characters. However, a Google search provided some empirical information about maximal lengths for various implementations. The AWS Directory Service is documented to have an exceptional upper limit of 512.

From the AWS Directory Service Documentation:

Length Constraints: Minimum length of 8. Maximum length of 512.

@alandekok
Member

We can update the length to 512, but I doubt many people will use it. There really is little point to any shared secret longer than 256 characters. If people are that worried about security, they should use TLS.

@DimitriPapadopoulos
Contributor Author

I totally agree, even 96 was overkill. It's just that some might set a long secret just because it's possible.

For example, see discussion in Please enlarge the maximum Shared secret lengt in RADIUS Authenticattion Server settings:

Thanks for your reply, but it still doesn't change the fact that my client is already running this on multiple locations from different suppliers, and only Unifi doesn't support this while Microsoft RADIUS server does go up to 128 chars. I can't change the source. Can only ask Ubiquiti to follow Microsoft standards.
