You should ofc 'salt' end users passwords right before hashing them to stop being able to Get well the original password from the hash. $endgroup$$begingroup$ As hashes are set size, does that indicate that whether or not not specified when creating the password, all login methods would need to have some type of optimum enter duration (Despite the