Y
Hacker News
new
|
ask
|
show
|
jobs
by
taurknaut
494 days ago
Maybe it should. Discarding the rest of the bytes works fine for
passwords
, though. I guess that's just not sufficient.
1 comments
pclmulqdq
493 days ago
In my book, discarding entropy is a generally dumb thing to do. Passwords are usually under 72 chars, but a lot of people use concatenations of usernames and passwords in their hash to get guaranteed domain separation between users.
link