What is the maximum character limit that this bcrypt library can handle?

Question

What is the maximum character limit that this bcrypt library can handle?

penguinawesome opened this issue 4 years ago · 5 comments

What is the maximum character limit that this bcrypt library can handle? I saw on others that it can handle up to 72 characters, or 55 characters, I am not sure with this library. I would like to know what is the maximum characters.

Answer 1 · 2021-01-27T15:24:18.000Z

In the case of the library 72
https://github.com/BcryptNet/bcrypt.net/blob/main/src/BCrypt.Net.UnitTests/BCryptTests.cs#L105-L112

But you can retain entropy above this with the 'enhanced hashing' functionality.

Answer 2 · 2021-01-27T17:16:51.000Z

@ChrisMcKee if we're gonna use the enhanced hashing, what would be the new max characters limit?

Answer 3 · 2021-01-27T17:48:20.000Z

Heat death of the universe or the maximum achievable entropy of SHA384 whichever comes first

Answer 4 · 2021-01-27T17:49:41.000Z

The enhanced hashing basically pre-hashes the key in order to avoid loss of entropy over the 72 character limit.
Its a common implementation (rather than one pulled out of my ... head) 😄

Answer 5 · 2021-01-29T10:18:19.000Z

Thanks @ChrisMcKee :D this library is awesome! We will try to use this.