Two Questions

Hi there! Thanks for all the work you put into this library, both technical and educational. Much appreciated!! 

After reading through the Tutorial and the FAQs, I have two questions (I would have opened a GH discussion, but this repo doesn't seem to have those activated):

1. In the FAQs, [Does encrypting hide the length of the plaintext?](https://github.com/defuse/php-encryption/blob/master/docs/FAQ.md#does-encrypting-hide-the-length-of-the-plaintext), you are writing about having to pad the string in user land: 

  - Any tips or best practices how to do that with an arbitrary length input string?

2. In [Scenario #2: Encrypting account data with the user's login password](https://github.com/defuse/php-encryption/blob/master/docs/Tutorial.md#scenario-2-encrypting-account-data-with-the-users-login-password), you are talking about generating the key from the user's password. 
  - This would render the stored information useless as soon as the user changed their password, correct? Just to make sure I understand correctly :)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Two Questions #526

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Two Questions #526

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions