jclermont, 4 months ago @heiglandreas That's a fair point, and the default max being discussed is 72 (due to bcrypt internals), so it would not violate the NIST recommendation.
@heiglandreas That's a fair point, and the default max being discussed is 72 (due to bcrypt internals), so it would not violate the NIST recommendation.