brubeck
brubeck copied to clipboard
BCrypt effectively limits password length
BCrypt uses only up to 72 chars of the password for its hash, so longer passwords are effectively truncated.
precedent:
BCrypt effectively limits password length https://code.djangoproject.com/ticket/20138