[HN Gopher] Why Bcrypt Can Be Unsafe for Password Hashing?
___________________________________________________________________
Why Bcrypt Can Be Unsafe for Password Hashing?
Author : enamya
Score : 7 points
Date : 2025-11-05 21:57 UTC (11 days ago)
(HTM) web link (blog.enamya.me)
(TXT) w3m dump (blog.enamya.me)
| byhemechi wrote:
| Does this really need yet another blog post? 72 characters is
| more than enough to be resistant to brute-force attacks, as
| demonstrated by thousands of data breaches containing bcrypt
| hashes that remain uncracked (excluding the obvious top 1k
| passwords / credential stuffing). In my personal opinion, calling
| it "unsafe" is just fear mongering, especially in conjunction
| with a recommendation of using Argon2, which is comparatively very
| new and is probably safe - but, once again, does not have the
| proven record that bcrypt does.
| mikehall314 wrote:
| I agree 72 characters is plenty for most circumstances.
| However, as the blog points out, this is a byte limit not a
| character limit.
|
| Some of the family emoji can be > 20 bytes. Some of the
| profession emoji can be > 17 bytes. If people are using emoji
| in their passwords, we could quite quickly run out of bytes.
|
| I think it's a limitation worth being aware of, even if
| "unsafe" is perhaps overstating it.
| testdelacc1 wrote:
| Does anyone actually use emoji as a password?
| flysand7 wrote:
| yea, me (pls don't crack)
| byhemechi wrote:
| I still don't see how that's an issue. Yes, a password using a
| series of ridiculously complicated family emoji will be
| truncated, but the actual bytes still provide entropy; just
| because the data doesn't use pixels when rendered doesn't
| mean it doesn't increase the search space.
| cwbriscoe wrote:
| You could always pre-hash the password with sha256 or
| something similar to guarantee you won't go over the 72 byte
| limit.
| stavros wrote:
| I don't understand why this isn't a mandatory first step in
| the bcrypt algorithm itself. Who thought that a 72 byte
| limit was a good idea?
___________________________________________________________________
(page generated 2025-11-16 23:00 UTC)