-
Alex Vandiver authored
The bcrypt key derivation function only uses the first 72 bytes of the input; when used directly on a password, this effectively limits password length to 72 characters. Allow for arbitrarily long passwords by hashing the password using SHA-512 (which produces 512 bits, or 64 bytes, of output) before passing it to bcrypt.
87cf33b8