User blog comment:BlueChoco/Nexon's Lack of Security?/@comment-4260367-20120213034408

Actually I'm not entirely sure how you managed to make a PW with over 12 characters since I've made a few accounts over the years and the last time I made one 2 years ago they required you to have a PW that was between 6-12 characters. You have to remember that the people who make the CA client every patch and the people who are in charge of accounts and the website are entirely different groups so I wouldn't doubt it if the people who manage the website changed it so that you can make accounts that have over 12 characters and the people who manage the game didn't change it (they probably set a character limit in the first place to prevent password cracking programs from spamming the servers with passwords that don't even meet the parameters set in the account creation process). I've played MS for quite a while and there are quite a few PW cracking utilities out there but I've only heard of a few people getting their accounts hacked since Nexon introduced PINS and PINs can't be cracked as quickly or keylogged so MS isn't that bad either.

Also It would appear that both Valve and Nexon have had a ton of their account information compromised (http://www.tomshardware.com/news/Steam-Gabe-Newell-Valve-Hacking-Investigation,14685.html http://www.reuters.com/article/2011/11/26/us-korea-hacking-nexon-idUSTRE7AP09H20111126) so I wouldn't say that Valve is all that much better than Nexon in security (Nexon of Korea aparently requires you to create an account with your social security number (Nexon of NA claimed this a while back although I've heard of US player making Korean accounts without a Korean social security number so I'm not sure about that claim) but nearly everyone with a Steam account has bought something (I don't think there were too many F2P games on steam during 2004-2008) so I'd say its fairly even in this case).