I was reading this question regarding bcrypt max password length.
Is there a preferred method or way to allow user passwords to be unlimited length? Or at least much higher?
Is there an alternative library? Or a full alternative method? Currently I'm using Node with this npm package.
The 72-character limit is caused by the Blowfish cipher, which is used internally for Bcrypt. You can limit the length of the password in your application, truncate it, or (may not be the brightest idea) hash it and pass the output of the hash function to Bcrypt. Either way, it is not possible to beat the Bcrypt cipher's internal limit.
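The hash-then-bcrypt option from the answer above, sketched as an added example that is not part of the original post or of any bcrypt package. It uses only Node's built-in `crypto` module; the function names and the sample passwords are assumptions made for illustration, and the choice of SHA-256 with base64 output is one common way to do the pre-hash, not something the answer specifies.

```javascript
const crypto = require('crypto');

// The limit discussed above. bcrypt counts bytes, not characters.
const BCRYPT_MAX_BYTES = 72;

// Number of bytes bcrypt would receive for this password (UTF-8 encoded).
function bcryptInputLength(password) {
  return Buffer.byteLength(password, 'utf8');
}

// True when the password has bytes past the 72nd, which bcrypt cannot use.
function exceedsBcryptLimit(password) {
  return bcryptInputLength(password) > BCRYPT_MAX_BYTES;
}

// Pre-hash step: SHA-256 over the full password, base64-encoded.
// Base64 rather than the raw digest, because a raw digest can contain a
// NUL byte and some bcrypt implementations stop reading at the first NUL.
// The result is always 44 ASCII characters, well under the limit.
function prehashForBcrypt(password) {
  return crypto.createHash('sha256').update(password, 'utf8').digest('base64');
}

// Constructed sample input: two passphrases sharing their first 72 bytes.
const shared = 'a'.repeat(72);
const pwA = shared + '-first-ending';
const pwB = shared + '-second-ending';

function demo() {
  const emoji = '🔑'.repeat(20); // 20 visible characters
  return {
    // What truncation to 72 bytes would compare: identical for both.
    truncatedEqual: pwA.slice(0, 72) === pwB.slice(0, 72),
    // After pre-hashing, the difference past byte 72 is preserved.
    prehashEqual: prehashForBcrypt(pwA) === prehashForBcrypt(pwB),
    prehashLength: bcryptInputLength(prehashForBcrypt(pwA)),
    // Non-ASCII input reaches the limit sooner than its length suggests.
    emojiBytes: bcryptInputLength(emoji),
    emojiOverLimit: exceedsBcryptLimit(emoji),
  };
}

console.log(demo());
```

The string returned by `prehashForBcrypt` is what gets passed to the bcrypt library in place of the raw password, both when storing the hash and when verifying a login.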