Hacker News new | past | comments | ask | show | jobs | submit login

Such a low maximum length does not make a lot of sense, but say a limit of 1024/2048 seems reasonable. The amount of time it takes to compute a hash is proportional to the length of the input and you do not want to facilitate a DOS attack.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact