bcrypt’s [password] length limit is 72, not 55 #security

Quoth Solar:

I found the “55” number in some white paper but I was shocked at how hard it was to get any info on max plaintext length.

Cryppies evidently care more about the entropy than advertising their length.

…now I shall go backpatch my articles.

One thought on “bcrypt’s [password] length limit is 72, not 55 #security

  1. Pingback: Password Hashing & Crypto Algorithms considered as a Branding Exercise: #bcrypt #security /cc @schneierblog @glynwintle – dropsafe

Leave a Reply