Praznje marnje.

torek, julij 14, 2015

How to store your users' passwords safely

https://nakedsecurity.sophos.com/2013/11/20/serious-security-how-to-store-your-users-passwords-safely/

  • Use a strong random number generator to create a salt of 16 bytes or longer.
  • Perform 10,000 iterations or more. (November 2013.)
  • Store the iteration count, the salt and the final hash in your password database.
  • Increase your iteration count regularly to keep up with faster cracking tools.

Whatever you do, don't try to knit your own password storage algorithm.


Ni komentarjev: