RE: Horizons Week 4 - Web App Authentication and Further Crypto Adventures — Hive

You are viewing a single comment's thread from:

RE: Horizons Week 4 - Web App Authentication and Further Crypto Adventures

View the full context

cryptohazard (63)in #life • 7 years ago

just a small addition, since I am here:

user don't need to send their passwords in clear. you send them the salt then they send you the hash.
use a hard for GPU hash function, like those use for mining: scrypt, bcrypt. Sha is too fast. At least use PBKDF2
use a library that test the password strength like zxcvbn (there are different implementations)

voilà

7 years ago in #life by cryptohazard (63)

Sort:

robertdurst10 (58) 7 years ago

Very true, thanks for pointing out my error!

$0.00