- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
Here is the text of the NIST sp800-63b Digital Identity Guidelines.
Here is the text of the NIST sp800-63b Digital Identity Guidelines.
Rules here are 64 as a reasonable maximum. A lot of programmers don’t realize that bcrypt and scrypt max at 72 bytes (which may or may not be the same as 72 characters). You can get around it by prehashing, but meh. This is long enough even for a reasonable passphrase scheme.
Minor note: 64 unicode characters is potentially much more than 72 bytes.