<dt><code>-C</code></dt>
<dd>This flag is only allowed in combination with <code>-B</code> (bcrypt
encryption). It sets the computing time used for the bcrypt algorithm
- (higher is more secure but slower, default: 5, valid: 4 to 31).</dd>
+ (higher is more secure but slower, default: 5, valid: 4 to 17).</dd>
<dt><code>-d</code></dt>
<dd>Use <code>crypt()</code> encryption for passwords. This is not
<p>Usernames are limited to <code>255</code> bytes and may not include the
character <code>:</code>.</p>
+
+ <p>The cost of computing a bcrypt password hash value increases
+ with the number of rounds specified by the <code>-C</code> option.
+ The <code>apr-util</code> library enforces a maximum number of
+ rounds of 17 in version <code>1.6.0</code> and later.</p>
</section>
</manualpage>
" -m Force MD5 encryption of the password (default)." NL
" -B Force bcrypt encryption of the password (very secure)." NL
" -C Set the computing time used for the bcrypt algorithm" NL
- " (higher is more secure but slower, default: %d, valid: 4 to 31)." NL
+ " (higher is more secure but slower, default: %d, valid: 4 to 17)." NL
" -d Force CRYPT encryption of the password (8 chars max, insecure)." NL
" -s Force SHA encryption of the password (insecure)." NL
" -p Do not encrypt the password (plaintext, insecure)." NL