NodeBB

Nemcio/NodeBB

Fork 0

mirror of https://github.com/NodeBB/NodeBB.git synced 2026-05-05 13:27:40 +02:00

Commit Graph

Author	SHA1	Message	Date
Julian Lam	b235f3b15c	feat: add additional test for passwords > 73 chars	2020-11-03 11:34:15 -05:00
Julian Lam	ad66a1af4b	feat: allow passwords longer than 73 characters Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security by hashing all incoming passwords with SHA512, and then sending that to bcrypt. https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords	2020-11-03 10:51:08 -05:00

Author

SHA1

Message

Date

Julian Lam

b235f3b15c

feat: add additional test for passwords > 73 chars

2020-11-03 11:34:15 -05:00

Julian Lam

ad66a1af4b

feat: allow passwords longer than 73 characters

Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.

https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords

2020-11-03 10:51:08 -05:00

2 Commits