Question

As I understand the maximum time parameter:

data = scrypt.encrypt('MESSAGE', 'password', maxtime=0.1)

Means Python will hash for that amount of time.

However, I can go down as low as .76 and it will still decrypt:

scrypt.decrypt(data, 'password', maxtime=0.076)

What's the cause for this? Why don't I need a decrypt maxtime = encrypt maxtime?


Solution

You don't, but it is recommended that you set it to at least 0.5 to interfere with brute-force attacks on your passwords. maxtime is not only the maximum time, but the minimum time too. If you set maxtime too low, the library will not have enough time to decrypt it. I'd stick with the higher values.

scrypt explains some of it
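
Why a lower decrypt maxtime can still succeed, as an added example (not code from the original post or from the scrypt library): in the scrypt encrypted-data format, N, r and p are chosen at encryption time and written into the header, and decryption only checks that the stored work fits its own budget. The header bytes, the ops-per-second figure and the function names are constructed for illustration, and the budget check is a simplified model of the library's.

```python
import hashlib
import os
import struct

MAGIC = b"scrypt"

def build_sample_header(log_n, r, p):
    """Constructed sample: first 64 header bytes (keyed HMAC at 64..95 omitted)."""
    body = MAGIC + bytes([0, log_n]) + struct.pack(">II", r, p) + os.urandom(32)
    return body + hashlib.sha256(body).digest()[:16]

def parse_header(blob):
    """Return the work parameters that encryption stored in the container."""
    if len(blob) < 64 or blob[:6] != MAGIC or blob[6] != 0:
        raise ValueError("not a version 0 scrypt container")
    if hashlib.sha256(blob[:48]).digest()[:16] != blob[48:64]:
        raise ValueError("header checksum mismatch")
    log_n = blob[7]
    r, p = struct.unpack(">II", blob[8:16])
    if not 1 <= log_n <= 63 or r == 0 or p == 0 or r * p >= 2**30:
        raise ValueError("parameters out of range")
    return {"N": 1 << log_n, "r": r, "p": p}

def work_estimate(params):
    """Cost implied by the stored parameters."""
    n, r, p = params["N"], params["r"], params["p"]
    return {"mem_bytes": 128 * n * r, "salsa_ops": 4 * n * r * p}

def within_budget(params, ops_per_second, maxtime):
    """Simplified decrypt-side check: does the stored work fit the time budget?"""
    return work_estimate(params)["salsa_ops"] <= ops_per_second * maxtime

if __name__ == "__main__":
    header = build_sample_header(13, 8, 1)   # constructed parameters
    params = parse_header(header)
    print(params, work_estimate(params))
    for maxtime in (0.1, 0.076, 0.05):
        # 5_000_000 ops/s is an assumed benchmark result, not a measurement
        print(maxtime, within_budget(params, 5_000_000, maxtime))
```

With these constructed numbers the stored work fits a 0.076 s budget but not a 0.05 s one, so the decrypt-side value acts as a ceiling on acceptable work and does not have to equal the encrypt-side value.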

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow