My program includes a feature where users can encrypt certain data using a password. As not all passwords will be a proper length, are there any insecurities in fixing this by hashing the password (with a good algorithm) to generate a fixed-length key which will then be fed into AES?
EDIT: Never mind, see http://en.wikipedia.org/wiki/Key_derivation_function
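
The difference between the single hash asked about and a key derivation function, as an added example that is not part of the original post. The header layout, the function names, the iteration count and its bounds are assumptions chosen for illustration; PBKDF2 from Python's standard library stands in for whichever KDF is used.

```python
import hashlib
import os
import struct

KEY_LEN = 32                       # AES-256 key size in bytes
MAGIC = b"PBK2"                    # hypothetical format tag
HEADER = struct.Struct(">4sI16s")  # magic, iteration count, 16-byte salt
MIN_ITER, MAX_ITER = 100_000, 10_000_000  # assumed sanity bounds


def naive_key(password: str) -> bytes:
    """One unsalted hash: right length, but cheap to guess at scale and
    identical for every user who picks the same password."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256: salted and deliberately slow."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=KEY_LEN)


def new_key(password: str, iterations: int = 600_000):
    """Encrypt side: pick a fresh salt, return (header, key).
    The header is not secret and is stored in front of the ciphertext."""
    salt = os.urandom(16)
    return HEADER.pack(MAGIC, iterations, salt), derive_key(password, salt, iterations)


def key_from_header(password: str, header: bytes) -> bytes:
    """Decrypt side: re-derive the key from the stored parameters."""
    if len(header) < HEADER.size:
        raise ValueError("truncated header")
    magic, iterations, salt = HEADER.unpack(header[:HEADER.size])
    if magic != MAGIC:
        raise ValueError("unknown header format")
    # The header is untrusted input: bound the work factor it requests.
    if not MIN_ITER <= iterations <= MAX_ITER:
        raise ValueError("iteration count out of range")
    return derive_key(password, salt, iterations)


if __name__ == "__main__":
    header, key = new_key("correct horse battery staple")  # constructed sample
    assert key_from_header("correct horse battery staple", header) == key
    print(len(key), "byte key, header:", header.hex())
```

The derived key only replaces the hashing step; the AES mode, nonce handling and ciphertext authentication are separate decisions.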