oss-sec mailing list archives
Re: [OSSN-0081] sha512_crypt is insufficient for password hashing
From: Nicholas Prowse <nick5990 () yahoo co uk>
Date: Mon, 18 Sep 2017 20:44:08 +0000 (UTC)
40000 iterations of PBKDF2 algorithm according to Sophia's Naked Security as of last month. https://nakedsecurity.sophos.com/2013/11/20/serious-security-how-to-store-your-users-passwords-safely/ Google is your friend. -------------------------------------------- On Mon, 18/9/17, Jordan Glover <Golden_Miller83 () protonmail ch> wrote: Subject: Re: [oss-security] [OSSN-0081] sha512_crypt is insufficient for password hashing To: "oss-security () lists openwall com" <oss-security () lists openwall com> Date: Monday, 18 September, 2017, 19:00 What number of iterations is considered secure for sha512crypt/pbkdf2 these days?
Current thread:
- [OSSN-0081] sha512_crypt is insufficient for password hashing Luke Hinds (Sep 17)
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Solar Designer (Sep 17)
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Jordan Glover (Sep 18)
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Jeremy Stanley (Sep 18)
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Solar Designer (Sep 27)
- <Possible follow-ups>
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Nicholas Prowse (Sep 18)
- Re: [OSSN-0081] sha512_crypt is insufficient for password hashing Solar Designer (Sep 17)