PHP password_hash() password_verify() maximum password length?

Question

What is the maximum password length I can use with PHP 5.5 password_hash() and password_verify()?

Answer 1

Ok, let's go through this.

The function does have a password length limit. Just like all strings in PHP, it is limited to 2^31-1 bytes.

To be clear, there's no way for PHP to deal with anything larger than that (today at least).

So the function itself is limited. But what about the underlying crypto algorithms.

BCrypt is limited to processing the first 72 characters of password. However, this is not commonly a problem as explained in this answer.

So in short, yes it does have an effective limit (it will only "use" the first 72 chars with the default and only algorithm), And no this is not a problem and nor should you try to "fix" or "mitigate" it.

Answer 2

password_hash itself doesn't have a length limit.

Blowfish, however

has a 64-bit block size and a variable key length from 32 bits up to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. In structure it resembles CAST-128, which uses fixed S-boxes. _(Wikipedia)

Which means an effective limit of 56 characters when using CRYPT_BLOWFISH as the cipher (which is the default).