Skip to content

re: Changing your name is a hard unsolved problem in Computer Science VIEW POST

re: I can't see why anybody might want a maximum password length, unless they DON'T store the hashed password, that doesn't bode well (even if was encr...

Bcrypt is limited to 72 characters. It's the only reasonable limitation, as you would not want password managers to assume the users password was longer than required to authenticate. (especially if you migrated upwards in hash. )

Totally true, anything longer and BCrypt will truncate. I like Argon2's input limit of 4.29b characters much better hehe

That said, 72 characters isn't the worst length limit, but when you're asked by your bank for a max limit of 14 or something similarly pathetic like that

code of conduct - report abuse