Due to the pigeonhole principle they are inevitable. At least if the input space is bigger than the output, which may not be the case for passwords of course.
Still, even if they are shorter, if you do find a hash pre-image you don't actually know for absolute certain that what you found was the original input. Collisions are still possible.
In practical terms this doesn't really matter mostly. It's just good to be very clear about what you actually know when dealing with cryptography.
Given that a collision is technically what they're looking for.
They're just limiting the input to a "reasonable" range to find one faster.
Side note: A quick look through the iOS keyboard shows another 25+ characters that can be reasonably expected to match between operating systems. I need to try using some of them in my passwords. Going from 70^(length) to 100^(Length) is nothing to scoff at.
Due to the pigeonhole principle they are inevitable. At least if the input space is bigger than the output, which may not be the case for passwords of course.
Still, even if they are shorter, if you do find a hash pre-image you don't actually know for absolute certain that what you found was the original input. Collisions are still possible.
In practical terms this doesn't really matter mostly. It's just good to be very clear about what you actually know when dealing with cryptography.
Given that a collision is technically what they're looking for.
They're just limiting the input to a "reasonable" range to find one faster.
Side note: A quick look through the iOS keyboard shows another 25+ characters that can be reasonably expected to match between operating systems. I need to try using some of them in my passwords. Going from 70^(length) to 100^(Length) is nothing to scoff at.