by zja 542 days ago
You truncate passwords to prevent DOS

Why not either show an error or do a client-side hash so there's a fixed length?
Showing an error is probably the right thing. Client-side mitigations wouldn't prevent a DOS.
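
Added example, not part of the thread: a Python sketch of the two server-side options discussed above, silent truncation versus rejecting over-length input with an error before the KDF runs. The cap, the iteration count, the salt and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

MAX_PASSWORD_BYTES = 1024   # assumed server-side cap, not a value from the thread
ITERATIONS = 10_000         # kept low so the example runs quickly


class PasswordTooLong(ValueError):
    """Raised instead of silently dropping part of the password."""


def _kdf(raw: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", raw, salt, ITERATIONS)


def hash_truncating(password: str, salt: bytes) -> bytes:
    # Bounded work, but everything past the cap is ignored.
    return _kdf(password.encode("utf-8")[:MAX_PASSWORD_BYTES], salt)


def hash_rejecting(password: str, salt: bytes) -> bytes:
    # Same bound on work; enforced on the server because the request
    # body is attacker-controlled whatever the client code does.
    raw = password.encode("utf-8")
    if len(raw) > MAX_PASSWORD_BYTES:
        raise PasswordTooLong(f"password exceeds {MAX_PASSWORD_BYTES} bytes")
    return _kdf(raw, salt)


def verify(password, salt, stored, hasher) -> bool:
    try:
        candidate = hasher(password, salt)
    except PasswordTooLong:
        return False
    return hmac.compare_digest(candidate, stored)


def demo():
    salt = b"constructed-salt"   # constructed sample; use os.urandom(16) in practice
    prefix = "a" * MAX_PASSWORD_BYTES
    enrolled, other = prefix + "X", prefix + "Y"   # differ only past the cap
    truncating_accepts_other = verify(
        other, salt, hash_truncating(enrolled, salt), hash_truncating)
    try:
        hash_rejecting(enrolled, salt)
        rejected_at_enrollment = False
    except PasswordTooLong:
        rejected_at_enrollment = True
    return truncating_accepts_other, rejected_at_enrollment


if __name__ == "__main__":
    print(demo())
```

With truncation, two passwords that differ only past the cap verify as the same credential; with the length check, the over-length password is refused at enrollment and the user sees why.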