diff --git a/lib/Travelynx.pm b/lib/Travelynx.pm
index 49c1399..eec16ca 100755
--- a/lib/Travelynx.pm
+++ b/lib/Travelynx.pm
@@ -36,7 +36,7 @@ use XML::LibXML;
sub check_password {
my ( $password, $hash ) = @_;
- if ( bcrypt( $password, $hash ) eq $hash ) {
+ if ( bcrypt( substr( $password, 0, 10000 ), $hash ) eq $hash ) {
return 1;
}
return 0;
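Review bot: The cap `10000` in `substr( $password, 0, 10000 )` is a bare literal that is repeated in `hash_password` (lib/Travelynx/Controller/Account.pm) and in the `maxlength` attributes of both templates, and the two `substr` calls have to stay identical for hashing and verification to see the same input. A single shared constant would tie them together. A comment such as `# cap input length before bcrypt; must match hash_password` would record why the truncation is there (the purpose is inferred, since the commit does not state it). If the password arrives as decoded text, `substr` counts characters rather than octets, so the byte length handed to `bcrypt` can still exceed 10000. The closing brace of check_password lies outside the hunk.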
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 0435d51..97ea8ad 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -13,7 +13,7 @@ sub hash_password {
my @salt_bytes = map { int( rand(255) ) + 1 } ( 1 .. 16 );
my $salt = en_base64( pack( 'C[16]', @salt_bytes ) );
- return bcrypt( $password, '$2a$12$' . $salt );
+ return bcrypt( substr( $password, 0, 10000 ), '$2a$12$' . $salt );
}
sub make_token {
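Review bot: The salt built two lines above the changed `return` comes from `rand()`, which is not a cryptographic random source, and `int( rand(255) ) + 1` never produces a zero byte. Reading 16 bytes from the operating system's random source would give every hash a full-range salt that does not depend on the interpreter's seed. These are context lines that predate this commit, but they sit in the same function the commit is hardening, so it is worth fixing alongside. hash_password begins outside the hunk, so how `$password` reaches it is not visible here.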
diff --git a/templates/change_password.html.ep b/templates/change_password.html.ep
index 29aa621..c49226a 100644
--- a/templates/change_password.html.ep
+++ b/templates/change_password.html.ep
@@ -15,12 +15,12 @@
lock
- %= password_field 'newpw', id => 'password', class => 'validate', required => undef, minlength => 8, autocomplete => 'new-password'
+ %= password_field 'newpw', id => 'password', class => 'validate', required => undef, minlength => 8, maxlength => 10000, autocomplete => 'new-password'
lock
- %= password_field 'newpw2', id => 'password2', class => 'validate', required => undef, minlength => 8, autocomplete => 'new-password'
+ %= password_field 'newpw2', id => 'password2', class => 'validate', required => undef, minlength => 8, maxlength => 10000, autocomplete => 'new-password'
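Review bot: The `maxlength => 10000` attributes on `newpw` and `newpw2` (and on `password` and `password2` in templates/register.html.ep) are enforced only by the browser, so the server-side handler for these forms still needs its own length check. As the diff stands, a longer value submitted by other means is silently truncated by `substr` in `hash_password` rather than rejected. Returning a validation error for over-length input would keep what the user submitted and what gets stored in agreement. The controller actions that process these forms are not part of this diff, so whether they already check length cannot be seen here.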
diff --git a/templates/register.html.ep b/templates/register.html.ep
index c27b591..7aba55a 100644
--- a/templates/register.html.ep
+++ b/templates/register.html.ep
@@ -17,12 +17,12 @@
lock
- %= password_field 'password', id => 'password', class => 'validate', required => undef, minlength => 8, autocomplete => 'new-password'
+ %= password_field 'password', id => 'password', class => 'validate', required => undef, minlength => 8, maxlength => 10000, autocomplete => 'new-password'
lock
- %= password_field 'password2', id => 'password2', class => 'validate', required => undef, minlength => 8, autocomplete => 'new-password'
+ %= password_field 'password2', id => 'password2', class => 'validate', required => undef, minlength => 8, maxlength => 10000, autocomplete => 'new-password'