Just take the string as bytes and hash it ffs

  • @expr@programming.dev
    link
    fedilink
    English
    583 months ago

    At minimum you need to limit the request size to avoid DOS attacks and such. But obviously that would be a much larger limit than anyone would use for a password.

      • @owsei@programming.dev
        link
        fedilink
        English
        83 months ago

        I’d say 128 is understandable, but something like 256 or higher should be the limit. 64, however, is already bellow my default in bitwarden