
Bcrypt Input Length Limit

TL;DR

bcrypt has a maximum input length (typically 72 bytes). If you try to hash strings longer than this, the results can be unpredictable or lead to security vulnerabilities. This guide shows how to handle long passwords safely before hashing with bcrypt.

Solution Guide

  1. Understand the Problem: bcrypt is designed to work efficiently with a limited password length. Attempting to hash excessively long strings can cause issues, including truncation or unexpected behaviour.
  2. Check Password Length Before Hashing: Always verify the length of the user’s password before attempting to hash it. This prevents errors and potential security problems.
    import bcrypt

    password_bytes = password.encode('utf-8')  # the 72-byte limit applies to the encoded bytes, not to len(password)
    if len(password_bytes) > 72:
      pass  # Handle long passwords (see next steps)
    else:
      hashed_password = bcrypt.hashpw(password_bytes, bcrypt.gensalt())
    
  3. Truncate Long Passwords: If a password exceeds the maximum length, truncate it to the first 72 bytes of its UTF-8 encoding. This is a simple solution but may reduce security slightly.
    password_bytes = password.encode('utf-8')
    if len(password_bytes) > 72:
      password_bytes = password_bytes[:72]  # keep only the first 72 bytes
    hashed_password = bcrypt.hashpw(password_bytes, bcrypt.gensalt())
    
  4. Hash in Chunks (Recommended): A more secure approach is to hash the password in smaller chunks and combine the results.
    1. Split the Password: Divide the long password into segments of a safe length (e.g., 64 bytes).
      chunk_size = 64
      password_bytes = password.encode('utf-8')
      chunks = [password_bytes[i:i + chunk_size] for i in range(0, len(password_bytes), chunk_size)]
      
    2. Hash Each Chunk: Hash each segment individually.
      hashes = []
      for chunk in chunks:
        hashes.append(bcrypt.hashpw(chunk, bcrypt.gensalt()))  # each chunk gets its own salt
      
    3. Combine the Hashes: Combine the individual hashes into a single representation. A simple method is to concatenate them.
      combined_hash = b''.join(hashes)  # hashpw returns bytes, so join with a bytes separator
      
  5. Use a Key Derivation Function (KDF): Consider using a KDF like Argon2, scrypt or PBKDF2. These functions are specifically designed to handle long passwords and provide better security than bcrypt for very large inputs.
    • Argon2 is generally preferred due to its resistance to GPU cracking attacks.
    • These libraries often have built-in mechanisms to manage password length safely.
  6. Salt Management: Ensure you are using a unique, randomly generated salt for each password. This is crucial regardless of the hashing method.
    salt = bcrypt.gensalt()
    hashed_password = bcrypt.hashpw(password.encode('utf-8'), salt)
    
  7. Database Storage: Store the hashed password securely in your database, along with the salt used for hashing.
  8. Regular Security Audits: Regularly review your code and security practices to identify potential vulnerabilities.
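A byte-aware version of the length check in step 2 and the truncation in step 3, added here as an example and not taken from the original post: `len(password)` counts characters, while bcrypt's limit is 72 bytes of the UTF-8 encoding, so a 40-character password of accented letters already exceeds it. `hash_password` assumes the pyca `bcrypt` package and rejects over-long input instead of truncating it; `same_bcrypt_input` is a test helper for spotting two passwords that a truncating bcrypt would hash identically.

```python
BCRYPT_MAX_BYTES = 72  # bcrypt counts bytes, not characters


def utf8_length(password: str) -> int:
    """Length bcrypt actually sees: the UTF-8 encoding, not len(password)."""
    return len(password.encode("utf-8"))


def exceeds_bcrypt_limit(password: str) -> bool:
    """Step 2 on bytes: a str-length check under-counts multi-byte text."""
    return utf8_length(password) > BCRYPT_MAX_BYTES


def truncate_for_bcrypt(password: str) -> bytes:
    """Step 3 on bytes, cut back so no multi-byte character is split.

    decode(..., 'ignore') only drops the partial trailing sequence because
    the input is valid UTF-8 everywhere else.
    """
    data = password.encode("utf-8")
    if len(data) <= BCRYPT_MAX_BYTES:
        return data
    return data[:BCRYPT_MAX_BYTES].decode("utf-8", "ignore").encode("utf-8")


def same_bcrypt_input(a: str, b: str) -> bool:
    """True when both passwords agree on the first 72 bytes, i.e. a
    truncating bcrypt would hash them identically. Handy in a test suite."""
    return a.encode("utf-8")[:BCRYPT_MAX_BYTES] == b.encode("utf-8")[:BCRYPT_MAX_BYTES]


def hash_password(password: str) -> bytes:
    """Check the byte length first; reject rather than silently truncate."""
    import bcrypt  # assumption: the pyca 'bcrypt' package is installed

    data = password.encode("utf-8")
    if len(data) > BCRYPT_MAX_BYTES:
        raise ValueError(f"{len(data)}-byte password exceeds bcrypt's {BCRYPT_MAX_BYTES}-byte limit")
    return bcrypt.hashpw(data, bcrypt.gensalt())


if __name__ == "__main__":
    pw = "é" * 40  # constructed sample: 40 characters, 80 bytes
    print(len(pw), utf8_length(pw), exceeds_bcrypt_limit(pw))      # 40 80 True
    print(len(truncate_for_bcrypt("a" + pw)))                      # 71
    print(same_bcrypt_input("a" * 72 + "x", "a" * 72 + "y"))       # True
```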