Closed ghost closed 8 years ago
Thanks for the notice. And you are completely right that sha512 is not a good approach due to "truncation". After research a litle bit, I found that is not big problem for current users (http://crypto.stackexchange.com/questions/9435/is-truncating-a-sha512-hash-to-the-first-160-bits-as-secure-as-using-sha1); the hash truncation is safe enough for the purpose we are uusing it here.
In any case, I will deprecate that hasher and setup an other combination of bcrypt with proper hasher.
Thanks again.
Is not fixed in master. The bcrypt+sha384
that does not reaches the 72 limit of chars of bcrypt. This is new default hasher and bcrypt+sha512
is not deprecated and marked to be updateable always.
Finally, a different solution is taken for it conserving bcrypt+sha512 as recommeded hasher, just fixing it and maintain the backward compatibility for old passwords.
From: Is it good practice to SHA512 passwords prior to passing them to bcrypt?