
Do passwords need a max length?


Problem

I understand that password storage generally uses hashing for security due to it being irreversible and that the stored hash is just compared to the hash of the password input by a user attempting to log in. As hashes are fixed length, does that mean that even if not specified when creating the password, all login systems would need to have some sort of maximum input length (although probably very high)? Allowing inputs larger than the output length would risk collision. This would mean that 2 different passwords could be hashed and appear to match.

Solution

No. There is no limit on the length of the input to most good cryptographic hash functions. As a result, password hashing can support passwords of unlimited length and does not need to impose a limit on the maximum length of the password.

Of course collisions are possible and exist, but they are believed to be exceptionally difficult for anyone to find, so for engineering purposes we can essentially ignore the possibility of collisions, assuming we have chosen an appropriate hash function. See the following:

  • https://en.wikipedia.org/wiki/Collision_resistance
  • https://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification
  • https://en.wikipedia.org/wiki/Cryptographic_hash_function
  • https://security.stackexchange.com/q/211/971
  • https://security.stackexchange.com/q/25585/971
  • https://security.stackexchange.com/q/51959/971

Separately: I expect you're going to be very interested in What technical reasons are there to have low maximum password lengths?. One ancient password hash function -- which wasn't very good -- did have a maximum length limit, for reasons that aren't relevant today. No one today should be using that ancient hash any longer.

-
OK, OK, before you quibble: no practically relevant upper limit.

-
I recently learned that bcrypt limits passwords to 72 bytes. My thanks to @IMSoP.
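An added example (not part of the answer or the comments above) showing the two points made on this page: a standard password KDF, here PBKDF2-HMAC-SHA256 from Python's standard library, yields a fixed-size digest for a password of any length without truncating it, and a separate check flags passwords that would exceed bcrypt's 72-byte limit, which is measured in UTF-8 bytes rather than characters. The iteration count and the fixed demo salt are constructed values for the example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 600_000   # PBKDF2 work factor; assumed value, tune per deployment
BCRYPT_MAX_BYTES = 72  # bcrypt ignores input beyond this many bytes (see comment above)


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Derive a fixed 32-byte digest from a password of any length.

    PBKDF2-HMAC-SHA256 imposes no input length limit, so a 5-byte and a
    5000-byte password both produce a 32-byte output.
    """
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute the digest and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def exceeds_bcrypt_limit(password: str) -> bool:
    """True if the password would be silently truncated by bcrypt.

    The limit applies to the UTF-8 byte encoding, so 40 two-byte
    characters (80 bytes) already exceed it while 72 ASCII letters do not.
    """
    return len(password.encode("utf-8")) > BCRYPT_MAX_BYTES


def no_truncation_demo() -> bool:
    """Two passwords that differ only after byte 72 must hash differently."""
    salt = b"\x00" * 16  # constructed fixed salt so the demo is reproducible
    tail_x = hash_password("a" * 72 + "X", salt)[1]
    tail_y = hash_password("a" * 72 + "Y", salt)[1]
    return tail_x != tail_y  # True: the KDF saw the whole input


if __name__ == "__main__":
    salt, digest = hash_password("a" * 5000)
    print("digest bytes:", len(digest), "verified:", verify_password("a" * 5000, salt, digest))
    print("bytes past 72 still matter:", no_truncation_demo())
    print("40 x 'é' exceeds bcrypt limit:", exceeds_bcrypt_limit("é" * 40))
```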

Context

StackExchange Computer Science Q#161264, answer score: 22
