

Cryptographic Hash Functions Are Not Password Hash Functions - Swizec
http://throwingfire.com/storing-passwords-securely/?r#notpasswordhashes

======
ericcholis
For curiosity's and an cryptography newb, how does the lithium PHP framework
stack up against the methods discussed in the article?

Password hashing: <http://lithify.me/docs/lithium/security/Password::hash()>

~~~
thirsteh
If you use CRYPT_BLOWFISH (bcrypt) it's fine.

~~~
ericcholis
Thanks for the response, looks like it uses a Blowfish salt by default.

