simonepri/phc-pbkdf2

Secure default configurations

Open

#5 geöffnet am 6. März 2018

Auf GitHub ansehen
 (1 Kommentar) (0 Reaktionen) (1 zugewiesene Person)JavaScript (1 Fork)github user discovery
help wanted

Repository-Metriken

Stars
 (13 Stars)
PR-Merge-Metriken
 (PR-Metriken ausstehend)

Beschreibung

This issue will be updated with the current defaults used by this package while hashing your passwords.

Please comment on this issue to get them updated.

Defaults

/**
 * Default configurations used to generate a new hash.
 * @private
 * @type {Object}
 */
const defaultConfigs = {
  // Minimum number of rounds recommended to ensure data safety,
  // this value changes every year as technology improves.
  iterations: 25000,

  // The minimum recommended size for the salt is 128 bits.
  saltSize: 16, // bytes

  // SHA-1 is sufficient, using SHA-256 or SHA-512 has the benefit of
  // significantly increasing the memory requirements, which increases the cost
  // for an attacker wishing to attack use hardware-based password crackers
  // based on GPUs or ASICs.
  digest: 'sha512',
};

Last Update: 01/04/2018 (dd/mm/yyyy)

Contributor Guide