Bcrypt is limited to 72 characters. It's the only reasonable limitation, as you would not want password managers to assume the users password was longer than required to authenticate. (especially if you migrated upwards in hash. )
Totally true, anything longer and BCrypt will truncate. I like Argon2's input limit of 4.29b characters much better hehe
That said, 72 characters isn't the worst length limit, but when you're asked by your bank for a max limit of 14 or something similarly pathetic like that
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Bcrypt is limited to 72 characters. It's the only reasonable limitation, as you would not want password managers to assume the users password was longer than required to authenticate. (especially if you migrated upwards in hash. )
Totally true, anything longer and BCrypt will truncate. I like Argon2's input limit of 4.29b characters much better hehe
That said, 72 characters isn't the worst length limit, but when you're asked by your bank for a max limit of 14 or something similarly pathetic like that