Calgarypuck Forums - The Unofficial Calgary Flames Fan Community - View Single Post

photon · 05-29-2013, 01:20 PM

Even salting is almost useless with the advent of GPU.

As the article mentions, using bcrypt or even scrypt (scrypt is designed to scale memory usage up as well), algorithms that can scale up in difficulty as hardware changes, should be standard or required for creating an application/site/whatever that stores a password hash.

But security is hard.

It'd be nice if something like OpenID became a defacto standard, or a standard set of libraries and implementations that developers would use at least.

05-29-2013, 01:20 PM	#55
photon The new goggles also do nothing. Join Date: Oct 2001 Location: Calgary Exp:	Even salting is almost useless with the advent of GPU. As the article mentions, using bcrypt or even scrypt (scrypt is designed to scale memory usage up as well), algorithms that can scale up in difficulty as hardware changes, should be standard or required for creating an application/site/whatever that stores a password hash. But security is hard. It'd be nice if something like OpenID became a defacto standard, or a standard set of libraries and implementations that developers would use at least. __________________ Uncertainty is an uncomfortable position. But certainty is an absurd one.