Explore >> Select a destination
|
You are here 
|
soatok.blog | ||
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | | | To securely store passwords they should be hashed with a slow hashing function, such as PBKDF2. PBKDF2 is slow because it calls a fast hash function many times. This blog post explores some properties that the iterations must have to be secure. | |
| | | | |
scottarc.blog
|
|
| | | | | Head's up: This is a blog post about applied cryptography, with a focus on web and cloud applications that encrypt data at rest in a database or filesystem. While the lessons can be broadly applicable, the scope of the post is not. One of the lessons I learned during my time at AWS Cryptography (and... | |
| | | | |
notes.volution.ro
|
|
| | | | | About the many types of hash functions, their use-cases, dos and don'ts, with suggestions for currently accepted algorithms. | |
| | | | |
pboyd.io
|
|
| | | Here's a fun list to look through: Dumb Password Rules. Most of the rules seem arbitrary, like only allowing digits, but some hint at deeper problems. For instance, preventing single-quotes. They aren't inserting passwords into a database without a SQL placeholder, right? Nearly every site on that list has a needlessly short maximum password size. If they're storing passwords correctly, there's no need for this. This post will go through a few bad ways to store a password and you can see what I mean.... | ||
