|
|
|
|
|
|
by meuk
2482 days ago
|
|
|
To put this in perspective: The cost of calculating a 10k character hash is negligible compared to serving a modestly sized image. Still, you have a point that allowing arbitrary sized passwords to denial-of-service attacks. Still, a more reasonable limit would be 100 or 256, for example. |
|
|