Timeline for Is using 100,000 iterations of sha256 good enough for password storage? [duplicate]
Current License: CC BY-SA 3.0
12 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 18, 2018 at 12:05 | history | closed | CommunityBot Luc Xiong Chiamiov Matthew Rory Alsop♦ | Duplicate of How to securely hash passwords?, Recommended # of iterations when using PBKDF2-SHA256? | |
| Feb 12, 2018 at 16:10 | comment | added | David Conrad | Any question about whether some security is "good enough" should be qualified by what you're trying to secure with it. | |
| Feb 11, 2018 at 18:11 | answer | added | Luc | timeline score: 1 | |
| Feb 11, 2018 at 17:41 | answer | added | Anti-weakpasswords | timeline score: 6 | |
| Feb 11, 2018 at 4:25 | comment | added | forest | Note that iterative hash functions and PBKDF2 are different. PBKDF2 mitigates some attacks that multiple hash rounds don't. | |
| Feb 11, 2018 at 1:18 | answer | added | Polynomial | timeline score: 4 | |
| Feb 10, 2018 at 23:11 | review | Close votes | |||
| Feb 18, 2018 at 12:05 | |||||
| Feb 10, 2018 at 21:31 | comment | added | Steffen Ullrich | Am I right that you are using no salt? In the case the same password for different users results in the same hash no matter how many iterations you use which is not what a proper password hash should do. | |
| Feb 10, 2018 at 21:29 | answer | added | Chris Tsiakoulas | timeline score: -5 | |
| Feb 10, 2018 at 20:54 | comment | added | jrtapsell | Even if you are salting there will still be other issues with using just SHA256 | |
| Feb 10, 2018 at 20:39 | review | First posts | |||
| Feb 10, 2018 at 20:46 | |||||
| Feb 10, 2018 at 20:37 | history | asked | Matt | CC BY-SA 3.0 |