You should ofc 'salt' consumers passwords ahead of hashing them to prevent having the ability to Get well the original password from the hash. $endgroup$$begingroup$ As hashes are fixed size, does that indicate that whether or not not specified when creating the password, all login methods would wish to have some sort of maximum enter length (While