You shouldn't use *any* general-purpose hash function for user passwords, not BLAKE2, and not MD5, SHA-1, SHA-256, or SHA-3
2024-10-20 03:39:21
hashlib — Secure hashes and message digests — Python 3.8.3 documentation https://docs.python.org/3.8/library/hashlib.html#randomized-hashing
BLAKE2 https://blake2.net/#qa
Q: So I shouldn't use BLAKE2 for hashing user passwords?
A: You shouldn't use *any* general-purpose hash function for user passwords, not BLAKE2, and not MD5, SHA-1, SHA-256, or SHA-3. Instead you should use a password hashing function such as the PHC winner Argon2 with appropriate time and memory cost parameters, to mitigate the risk of bruteforce attacks—Argon2's core uses a variant of BLAKE2's permutation.
最新文章
- 别用symbolicatecrash来解析crash Log了
- no package 'webkit-1.0' found
- Unity 利用NGUI做屏幕分辨率适配+学习UIDraggablePanel的使用
- 状态模式 java &;&; php
- WCF学习笔记(1)——Hello WCF
- FolderBrowserDialog组件选择文件夹
- .net版Git Server --- bonobo
- AWS(0) - Amazon Web Services
- Spring shiro 初次使用小结
- 基于springboot搭建的web系统架构
- 关于Data URLs svg图片显示出错和浏览器URL hash #
- 我从来不理解JavaScript闭包,直到有人这样向我解释它...
- SQL语法基础之UPDATE语句
- [算法专题] 深度优先搜索&;回溯剪枝
- javascript Navigator对象属性和方法
- 3D点云数据分析:pointNet++论文分析及阅读笔记
- perl debug
- Hibernate进行对象的增删改查
- spring boot启动加载数据
- 【Android】使用Pull生成/解析XML文件