Passion is like genius; a miracle.

Modern password hashing algorithms

Tags:

I found these good articles on modern algorithms for password hashing:

http://www.f-secure.com/weblog/archives/00002095.html suggest the following three:
PBKDF2
Bcrypt
PBMAC

Most notably, they are intended to be slow (so that bruteforce takes long time) and prevent rainbow table attack.

http://www.openwall.com/phpass/ is php implementation to use bcrypt. Read http://www.openwall.com/articles/PHP-Users-Passwords for explanation.

Here’s another article suggesting to use bcrypt: http://codahale.com/how-to-safely-store-a-password/

Comments

One response to “Modern password hashing algorithms”

  1. Scrypt – follow up on moderan password hashing algorithm – Passion is like genius; a miracle.

    […] is the follow up on the previous article: modern password hashing. In case you didn’t read it, bcrypt is slow hashing algorithm which is not vulnerable to […]

Leave a Reply

Your email address will not be published. Required fields are marked *