Yes - this is reasonable. I'd generalise this to: "Use an accepted key derivatio... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

rlpb on Feb 23, 2014 | parent | context | favorite | on: Salted Password Hashing – Doing it Right

Yes - this is reasonable. I'd generalise this to:

"Use an accepted key derivation function, such as PBKDF2, bcrypt or scrypt, with accepted parameters".

What is "accepted" changes over time, of course.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact