Only in the most technical sense: cycle for cycle, PBKDF2 gets you the smallest ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on Feb 17, 2016 \| parent \| context \| favorite \| on: How to Safely Store Your Users' Passwords in 2016 Only in the most technical sense: cycle for cycle, PBKDF2 gets you the smallest amount of protection from that group of password hashes. PBKDF2 is still vastly better than non- password hashes like salted SHA.

joshreesjones on Feb 18, 2016 [–]

You say that "PBKDF2 is still vastly better than non-password hashes like salted SHA", but is PBKDF2 (with >10,000 iterations using SHA512 and a random salt, for example) secure enough?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact