I'm just going by what I've read elsewhere, and I don't have citations on hand. ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

mistercow on Feb 23, 2014 | parent | context | favorite | on: Salted Password Hashing – Doing it Right

I'm just going by what I've read elsewhere, and I don't have citations on hand. I'm not a security expert, I just try to listen to security experts.

So if you say bcrypt is as well vetted as PBKDF2, I'm going to defer to your judgment and update accordingly.

rdl on Feb 23, 2014 [–]

What's maybe more relevant is that PBKDF2 is explicitly called out by name as the Proper Thing in various standards, so it's less work to use it in environments where people care about those standards.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact