• Sibbo
    link
    fedilink
    31 year ago

    They may just base their limit on one or a few block sizes of the hash function.

    • @[email protected]
      link
      fedilink
      51 year ago

      That sounds incredibly unlikely. I would be good money that 99% of password length limits are not based on concrete limits. Things like “100 should be enough 🤷” must be way more common.

      I doubt 1% of programmers are away of their hashes block size. It is also probably irrelevant since after the first round everything is fixed size anyways.