libsodium’s default password hashing algorithm is likely to become Argon2id. Don’t assume that crypto_pwhash_ALG_DEFAULT is a constant.
Replying to @jedisct1
Is there a high-level API that can handle re-hashing on next use, or nested algorithms, for adaptable pw stores?
Replying to @colmmacc
A function to extract the algorithm ID from the string-encoded hash could be a useful addition, though.
Replying to @jedisct1
wdyt of a function that would take the username, a mac-key, and can re-hash passwords when upgrading alg? also mac(username, pw).
mac to avoid password substitution attacks across users, built-in upgrade to support agility. Overall less foot-gun-y.
Replying to @colmmacc
That would be useful indeed, along with the ability to encrypt salts and hashes. Gonna see if I can design a unified API for this.
1:38 PM - 29 Mar 2017
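
An added example, not part of the thread and not libsodium's API: a sketch of the ideas discussed above (reading the algorithm ID from the string-encoded hash, re-hashing on next successful login, and mac(username, pw) to bind a hash to its account). All function names and the `v1`/`v2` IDs are hypothetical, and stdlib PBKDF2 parameter sets stand in for the real algorithms so it runs without extra packages.

```python
import hashlib, hmac, os

# Constructed registry: two PBKDF2 settings stand in for an old and a new
# password hashing algorithm (assumption; not libsodium's Argon2 variants).
ALGS = {
    "v1": lambda pw, salt: hashlib.pbkdf2_hmac("sha256", pw, salt, 1_000),
    "v2": lambda pw, salt: hashlib.pbkdf2_hmac("sha512", pw, salt, 200_000),
}
DEFAULT_ALG = "v2"  # may change between releases; callers must not hard-code it

def _bind(mac_key: bytes, username: str, password: str) -> bytes:
    # mac(username, pw): a hash copied onto another user's record no longer
    # verifies. The length prefix keeps ("ab","c") distinct from ("a","bc").
    u = username.encode()
    msg = len(u).to_bytes(4, "big") + u + password.encode()
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def hash_password(mac_key, username, password, alg=None):
    alg = alg or DEFAULT_ALG
    salt = os.urandom(16)
    digest = ALGS[alg](_bind(mac_key, username, password), salt)
    return f"${alg}${salt.hex()}${digest.hex()}"

def algorithm_id(encoded: str):
    # Extract the algorithm ID from the string-encoded hash (None if malformed).
    parts = encoded.split("$")
    return parts[1] if len(parts) == 4 else None

def verify_and_upgrade(mac_key, username, password, encoded):
    """Return (ok, new_encoded); new_encoded is set only when a re-hash is due."""
    try:
        _, alg, salt_hex, digest_hex = encoded.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        kdf = ALGS[alg]
    except (ValueError, KeyError):
        return False, None  # malformed string or unknown algorithm: reject
    actual = kdf(_bind(mac_key, username, password), salt)
    if not hmac.compare_digest(actual, expected):
        return False, None
    if alg != DEFAULT_ALG:  # password is known-good here, so upgrade now
        return True, hash_password(mac_key, username, password)
    return True, None
```

The caller stores `new_encoded` in place of the old string whenever it is not `None`; the MAC key lives outside the password database.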