Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 18 Sep 2017 20:44:08 +0000 (UTC)
From: Nicholas Prowse <nick5990@...oo.co.uk>
To:  <oss-security@...ts.openwall.com>
Subject: Re: [OSSN-0081] sha512_crypt is insufficient for
 password hashing

40000 iterations of PBKDF2 algorithm according to Sophia's Naked Security as of last month.

https://nakedsecurity.sophos.com/2013/11/20/serious-security-how-to-store-your-users-passwords-safely/

Google is your friend.

--------------------------------------------
On Mon, 18/9/17, Jordan Glover <Golden_Miller83@...tonmail.ch> wrote:

 Subject: Re: [oss-security] [OSSN-0081] sha512_crypt is insufficient for password hashing
 To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
 Date: Monday, 18 September, 2017, 19:00
 
 What number of iterations is
 considered secure for sha512crypt/pbkdf2 these days?
 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ