Just take the string as bytes and hash it ffs

  • frezik@midwest.social
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 months ago

    Scrypt has the same limit, FWIW.

    It doesn’t matter too much. It’s well past the point where fully random passwords are impossible to brute force in this universe. Even well conceived passphrases won’t get that long. If you’re really bothered by it, you can sha256 the input before feeding it to bcrypt/scrypt, but it doesn’t really matter.