I have not played with the code though I should. I wonder why PBKDF2 instead of Bcrypt. Even with all the time passed making the latter the ageing technology… it’s never been broken—which is a better and better sign with an older algorithm—and with standard hardware it’s still harder to brute force.

This kind of thing is deviously difficult to do simply, correctly, and cleanly so I really appreciate you putting an implementation forward.