*used to be unsafe
just to note, other implementations have the same design (silent and truncate), I've recently found out that htpasswd from Apache HTTP server has the same silent behavior
Well, if you limit the discussion to passwords, you're right, maybe no need to worry especially if using randomly generated ones (like ones from password managers), but if the algorithm is used to check some "composed" credentials (like what happened with Okta last year) then maybe it's worth worrying about, no ?
Double-Hatted Data Scientist & Engineer with experience building end-to-end ML systems—from data pipelines (Python, Spark, AWS, Azure, Hadoop on premises) to production-grade models (Scikit-learn, PyTorch, TensorFlow).
I've led projects in geospatial ML, fraud detection, and LLM/RAG apps. Strong focus on clean code, data quality, and scalable, reusable ML infrastructure.
Open for opportunities where I can contribute to impactful data-related projects.
Location: Morocco
Remote: Yes (open to hybrid and on-site too)
Willing to relocate: Yes
Technologies: Python, SQL, Spark, PyTorch, Scikit-learn, TensorFlow, Airflow, AWS, Azure, RAG, LLMs, MLOps