I vaguely remember giving it some consideration. But the bigger point is that my judgement on these things is not to be trusted since I'm just an application developer and not a crypto expert.
Yeah thats the thing, I'm not a crypto expert either but I'd love to use it. But if it gets popular, and there is an accidental mistake that actually makes it easy to guess passwords, I don't want to risk that happening.
Good news. Did a bit of investigation, it seems like this could be vulnerable to a length extension attack [1] (though the attack its still pretty useless in this particular case) but it appears that truncating is both safe and takes care of length extension attacks! [2]
