PHP Crypt seems to create the same string for crypt(A,myhash) as crypt((A.B,myhash) where A is greater than 8 digits.

The title sort of says it all, but I’m wondering how to avoid this. My password validation currently does this frustrating thing where Password = Password works, but so does Password = Passwordssssssss

Shorter strings like Password = test don’t exhibit this behavior.

I feel like this means there’s no point in having a password longer than 8 digits which I find confusing… Thoughts?


Source: stackoverflow-php