subject:"Limits for bcrypt_pbkdf\(3\) vs bcrypt\(3\)"

Re: Limits for bcrypt_pbkdf(3) vs bcrypt(3)

2017-02-07 Thread bytevolcano

cheers Ted, On Tue, 07 Feb 2017 14:50:49 -0500 "Ted Unangst" wrote: > bytevolc...@safe-mail.net wrote: > > 1. Does the 72-character limit also apply to bcrypt_pbkdf() > > [presumably this will mean softraid(4) crypto won't accept > > passwords >72 chars anymore]? > > No.

Re: Limits for bcrypt_pbkdf(3) vs bcrypt(3)

2017-02-07 Thread Flipchan

Have u tried scrypt? bytevolc...@safe-mail.net skrev: (7 februari 2017 16:16:21 CET) >I am investigating bcrypt_pbkdf(3) or bcrypt(3) to secure passphrases >within an existing application. > >However, the man page for bcrypt_pbkdf() does not mention the >72-character password limit that bcrypt()

Re: Limits for bcrypt_pbkdf(3) vs bcrypt(3)

2017-02-07 Thread Ted Unangst

bytevolc...@safe-mail.net wrote: > 1. Does the 72-character limit also apply to bcrypt_pbkdf() [presumably >this will mean softraid(4) crypto won't accept passwords >72 chars >anymore]? No. There is no limit. (The inputs can also contain 0 bytes.) > 2. What is the recommended buffer size

Limits for bcrypt_pbkdf(3) vs bcrypt(3)

2017-02-07 Thread bytevolcano

I am investigating bcrypt_pbkdf(3) or bcrypt(3) to secure passphrases within an existing application. However, the man page for bcrypt_pbkdf() does not mention the 72-character password limit that bcrypt() does, especially given bcrypt_pbkdf() appears to accept an output buffer whose length is