diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-19 19:12:55 -0500 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-19 19:12:55 -0500 |
| commit | 6efd32097954f77e4bb2e819d2ace7b7961eb7c9 (patch) | |
| tree | 8de7f4b50514f43d65f6a6c413bb33eac18b7830 | |
| parent | 48d98e96f7c87f000ba1cab165c46a74c864e645 (diff) | |
| parent | 211b9a1862c4074024a9895c1764060e6903fa71 (diff) | |
| download | py-bcrypt-git-6efd32097954f77e4bb2e819d2ace7b7961eb7c9.tar.gz | |
Merge branch 'master' into alex-patch-1
| -rw-r--r-- | README.rst | 15 |
1 files changed, 15 insertions, 0 deletions
@@ -84,6 +84,21 @@ Another one of bcrypt's features is an adjustable prefix to let you define what libraries you'll remain compatible with. To adjust this, pass either ``2a`` or ``2b`` (the default) to ``bcrypt.gensalt(prefix=b"2b")`` as a bytes object. +Maxmimum Password Length +~~~~~~~~~~~~~~~~~~~~~~~~ + +The bcrypt algorithm only handles passwords up to 72 characters, any characters +beyond that are ignored. To work around this, a common approach is to hash a +password with a cryptographic hash, such as ``sha512`` before hasing it with +``bcrypt``: + +.. code:: pycon + + >>> password = b"an incredibly long password" * 10 + >>> hashed = bcrypt.hashpw( + ... hashlib.sha512(password).digest(), + ... bcrypt.gensalt() + ... ) Compatibility ------------- |