
Node.js Security Deep Dive - andreigaspar
https://www.andreigaspar.com/nodejs-security-deep-dive/
======
112
_" BCrypt is also CPU intensive and slow, basically the faster the CPU the
slower it runs."_ \- is that true??

Bcrypt cracking estimations:
[https://security.stackexchange.com/questions/139721/estimate...](https://security.stackexchange.com/questions/139721/estimate-
the-time-to-crack-passwords-using-bcrypt)

Did anyone use
[https://en.wikipedia.org/wiki/Argon2](https://en.wikipedia.org/wiki/Argon2)
for password hashing in production?

~~~
andreigaspar
Hey OP here. That is an oversimplification of a complex topic, but
accelerating bcrypt with GPUs and faster memory doesn't work as one would
expect. You don't get the performance benefits that you would get against
other hashing algorithms.

I should rephrase that though because it sounds weird. It doesn't come off as
intended.

I did not use Argon2 btw.

Thanks for reading!

