It is best to ofc 'salt' people passwords just before hashing them in order to avoid with the ability to Get better the original password from the hash. $endgroup$$begingroup$ As hashes are fastened length, does that mean that although not specified when creating the password, all login systems would want to have some kind of maximum input length (