41·
3 months agoDamm, I legit didn’t knew there bcrypt had a length limit! Thank you for another reason not to use bcrypt
- 0 Posts
- 9 Comments
Joined 1 year ago
Cake day: September 16th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Also rate of the requests. A normal user isn’t sending a 1 MiB password every second
Why are you hasing in the browser?
Also, what hashing algorithm would break with large input?
The problem is that you (hopefully) hash the passwords, so they all end up with the same length.
Oh, I already hated windows, that was just the last straw
The pandemic and programming.
I was watching some tutorials and saw how easily people used the terminal, and how clunky cmd felt.
Next day I had ubuntu running.
I’d say 128 is understandable, but something like 256 or higher should be the limit. 64, however, is already bellow my default in bitwarden