simonepri/phc-pbkdf2

Secure default configurations

Open

#5 opened on 2018年3月6日

GitHub で見る
 (1 comment) (0 reactions) (1 assignee)JavaScript (1 fork)github user discovery
help wanted

Repository metrics

Stars
 (13 stars)
PR merge metrics
 (PR metrics pending)

説明

This issue will be updated with the current defaults used by this package while hashing your passwords.

Please comment on this issue to get them updated.

Defaults

/**
 * Default configurations used to generate a new hash.
 * @private
 * @type {Object}
 */
const defaultConfigs = {
  // Minimum number of rounds recommended to ensure data safety,
  // this value changes every year as technology improves.
  iterations: 25000,

  // The minimum recommended size for the salt is 128 bits.
  saltSize: 16, // bytes

  // SHA-1 is sufficient, using SHA-256 or SHA-512 has the benefit of
  // significantly increasing the memory requirements, which increases the cost
  // for an attacker wishing to attack use hardware-based password crackers
  // based on GPUs or ASICs.
  digest: 'sha512',
};

Last Update: 01/04/2018 (dd/mm/yyyy)

コントリビューターガイド