blob: 003dc47df5d0748dd7d81c71e1cd1fc8ea4fe194 (
plain)
1
2
3
4
5
6
7
8
9
|
---
security:
- |
Passwords will now be automatically truncated if the max_password_length is
greater than the allowed length for the selected password hashing
algorithm. Currently only bcrypt has fixed allowed lengths defined which is
54 characters. A warning will be generated in the log if a password is
truncated. This will not affect existing passwords, however only the first
54 characters of existing bcrypt passwords will be validated.
|