Just take the string as bytes and hash it ffs

  • yhvr@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 months ago

    I don’t know the specifics behind why the limit is 72 bytes, but that might be slightly tricky. My understanding of bcrypt is that it generates 2^salt different possible hashes for the same password, and when you want to test an input you have to hash the password 2^salt times to see if any match. So computation times would get very big if you’re combining hashes