Hacker News new | past | comments | ask | show | jobs | submit login

You're only supposed to send the first 16 characters of the hash, not the whole thing.



That's effectively the same thing. 16 hex characters is 64 bits. Most users have a password with much less than 64 bits of entropy. So for most users truncating the hash to 64 bits provides no benefit.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: