Hacker News new | past | comments | ask | show | jobs | submit login

> The current best practice of simply hashing passwords with bcrypt is fine

With the caveat that you have to make sure you're hashing the entire password. Don't silently truncate.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: