neilmadden.blog - Neil Madden – Thoughts on application security, applied crypto, philosophy and logic

Description: Thoughts on application security, applied crypto, philosophy and logic


If you want to learn how to store passwords securely, you could do a lot worse than looking at the OWASP Password Storage Cheat Sheet. These cheat sheets are generally pretty good, and the password storage one is particularly good. The editors do a great job of keeping it up to date and incorporating the latest research from experts. (Just bear in mind that the recommendations there are for when you are using passwords for authentication. If you’re using a password to encrypt sensitive data then you should be aware of

One of the hash functions that OWASP recommend is bcrypt, which should be familiar to anyone who’s ever looked at password hashing. Bcrypt is generally an OK choice, but it has some quirks that make it hard to love. As pointed out in the cheat sheet, many implementations cannot handle input passwords longer than 72 bytes. (And some implementations are not binary safe either.) To get around this, it was common advice at one point to “pre-hash” the input using some other fast hash function like SHA-256. Tha
