You are viewing a single comment's thread from:

RE: Horizons Week 4 - Web App Authentication and Further Crypto Adventures

in #life7 years ago

just a small addition, since I am here:

  • user don't need to send their passwords in clear. you send them the salt then they send you the hash.
  • use a hard for GPU hash function, like those use for mining: scrypt, bcrypt. Sha is too fast. At least use PBKDF2
  • use a library that test the password strength like zxcvbn (there are different implementations)

voilà

Sort:  

Very true, thanks for pointing out my error!

Coin Marketplace

STEEM 0.18
TRX 0.16
JST 0.029
BTC 76335.49
ETH 3087.08
USDT 1.00
SBD 2.61