Explore >> Select a destination
|
You are here 
|
blog.josefsson.org | ||
| | | | |
scottarc.blog
|
|
| | | | | Musing about Password-Based Cryptography for the Government What would a modern NIST standard for password-based cryptography look like? Obviously, we have PBKDF2--which, if used with a FIPS-approved hash function, gives you a way to derive encryption keys and/or password validators from human-memorable secrets. However, PBKDF2 isn't memory-hard. In 2012, several cryptographers initiated the Password Hashing... | |
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | | | ASVS states that passwords should be at most 128 characters. This originates from the idea that longer passwords take longer to hash, which can lead to a denial of service when an attacker performs login attempts with very long passwords. However, this is not generally true. With a proper hash function, longer passwords do not take a significantly longer time to hash. | |
| | | | |
dusted.codes
|
|
| | | | | SHA-256 is not a secure password hashing algorithm | |
| | | | |
cornay.co.za
|
|
| | | |||
