Password storage (was Re: gmail security is a joke)
Robert Kisteleki
robert at ripe.net
Thu May 28 09:29:31 UTC 2015
> Bcrypt or PBKDF2 with random salts per password is really what anyone
> storing passwords should be using today.
Indeed. A while ago I had a brainfart and presented it in a draft:
https://tools.ietf.org/html/draft-kistel-encrypted-password-storage-00
It seemed like a good idea at the time :-) It didn't gain much traction though.
Robert
More information about the NANOG
mailing list