Comment 14 for bug 1175906
Revision history for this message
| Robert Clark (robert-clark) wrote Re: passlib long password DoS | #14 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
In principle I'd rather have something configurable. The only way to not break existing deployments that I can see is to make this configurable, default it to 4096 and issue guidance on reducing this with accompanying text on how this will break users with passwords longer than the new default.