in reply to Re: understand crypt
in thread understand crypt

A nice overview about current hashing algorithms:
Passwords should be hashed with either PBKDF2, bcrypt or scrypt, MD-5 and SHA-3 should never be used for password hashing and SHA-1/2(password+salt) are a big no-no as well. Currently the most vetted hashing algorithm providing most security is bcrypt.
Digest::Bcrypt


holli

You can lead your users to water, but alas, you cannot drown them.

Replies are listed 'Best First'.
Re^3: understand crypt
by Your Mother (Archbishop) on May 31, 2019 at 20:42 UTC

    That reads as good advice but it's from 2013 and security info that isn't extremely current should taken with a grain of salt, as it were.

    Note from Digest::Bcrypt’s POD: While maintenance for Digest::Bcrypt will continue, there's no reason to use Digest::Bcrypt when Crypt::Eksblowfish::Bcrypt already exists. We suggest that you use Crypt::Eksblowfish::Bcrypt instead.

[reply]

In Section Seekers of Perl Wisdom