BCrypt hash function can handle maximum 72 characters, and if we pass password of length more than 72 characters it ignores extra characters. Hence need to put a restriction on password length.