- cooky451 (Dec 4, 2012 at 17:16): Just an idea: Could one do like ~20k rounds on the client PC and then 1k on the server? If an attacker would start by guessing "normal passwords", he would still have to do 21k rounds. And if he'd start with keys, he'd only need to do 1k rounds, but the entropy should be much higher. Am I missing something? Seems like a good solution to me.
- Thomas Pornin (Dec 4, 2012 at 17:24): @cooky451: you can do that, but that can be hard to configure. Clients can use a wide variety of hardware, some of which very feeble when it comes to computing. Also, in a Web context, this means Javascript, and you will not get a lot of iterations out of a Javascript implementation of PBKDF2 (it would work much better with a Java applet, but that's yet another can of worms).
- José F. Romaniello (Aug 26, 2014 at 21:12): I don't understand how you got to 8ms in your example. If f=200, p=30 * 24 * 60 * 60 * 1000?, n=32. Then v is 241ms? I transformed 1 month to millis. Not sure what I am doing wrong. Thanks for the answer.
- ircmaxell (Sep 10, 2014 at 15:20): It does come out to 241ms. In fact, if you plug 8ms into the formula, you get approximately 23 hours out as "attacker patience". Which is a whole lot less than a month (for a single 32 bit entropy password)... And low enough where the recommended value of 8ms should likely be raised.
- Christopher Schultz (Aug 23, 2023 at 14:17): @CharlesWood I would say that needs to be a part of your risk model. If you have assets that are interesting to a nation-state, then I would approximate the attacker's capabilities to be quite high. If you are running a hot-or-not site, perhaps your attackers will be less well-equipped. This question (and answer) is fairly old, but BitWarden currently uses 600,001 rounds of PBKDF2 by default. OWASP currently recommends 600,000. I suspect these are fairly conservative settings based upon a fairly capable adversary.
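A worked version of the calculation the comments above argue over, added here as an example and not part of the original thread. The answer's formula is not quoted on this page, so `v = f * p / 2^(n-1)` is an assumption: it is the form that reproduces both the 241 ms figure and the "approximately 23 hours" figure, and the PBKDF2 benchmark helper and all function names are my own.

```python
import hashlib
import os
import time

# Assumed formula (reconstructed from the figures in the comments, not quoted on this page):
#   v = f * p / 2^(n-1)
# v: affordable cost of one verification, f: attacker hardware is f times more efficient
# than ours, p: attacker patience, n: password entropy in bits (average search covers half
# the keyspace, hence n-1).
MS_PER_MONTH = 30 * 24 * 60 * 60 * 1000  # the "1 month in millis" used in the comments


def verification_cost_ms(f, patience_ms, entropy_bits):
    """Largest per-verification cost at which an average brute force exceeds the attacker's patience."""
    return f * patience_ms / 2 ** (entropy_bits - 1)


def attacker_patience_ms(cost_ms, f, entropy_bits):
    """Inverse: average time an f-times-faster attacker needs at a given per-verification cost."""
    return cost_ms * 2 ** (entropy_bits - 1) / f


def pbkdf2_ms_per_iteration(iterations=50_000):
    """Measure PBKDF2-HMAC-SHA256 cost on this host (wall-clock timing, so host specific)."""
    salt = os.urandom(16)  # constructed benchmark input, not a real credential
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"benchmark-password", salt, iterations)
    return (time.perf_counter() - start) * 1000 / iterations


def iterations_for_budget_ms(budget_ms, ms_per_iteration):
    """Iteration count that spends roughly budget_ms per verification on this host."""
    return max(1, int(budget_ms / ms_per_iteration))


if __name__ == "__main__":
    v = verification_cost_ms(200, MS_PER_MONTH, 32)
    print(f"f=200, p=1 month, n=32 bits -> v = {v:.1f} ms per verification")  # about 241.4
    hours = attacker_patience_ms(8, 200, 32) / 3_600_000
    print(f"v=8 ms, f=200, n=32 bits -> attacker patience about {hours:.1f} hours")  # about 23.9
    per_iter = pbkdf2_ms_per_iteration()
    print(f"this host: {per_iter * 1000:.3f} us per iteration, "
          f"{iterations_for_budget_ms(v, per_iter)} iterations to spend {v:.0f} ms")
```

The last line turns the time budget into an iteration count for the machine you run it on; defenders re-run it on the real verification hardware, since the 8 ms or 241 ms budget only translates to a round count there.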