> I don't think it would be useful to limit this at an arbitrary point, iteration
> count can be set per password and if someone wants a specific password to be
> super-hard to brute force then why should we limit that?
I agree with that. Maybe some users do want a super-hard password.
RFC 7677 and RFC 5802 don't specify the maximum number of iterations.
> If we want to add CHECK_FOR_INTERRUPTS inside the loop I think a brief
> comment would be appropriate.
This has been completed in patch v2 and it's ready for review.
Bowen Shi