simonepri/phc-pbkdf2

Secure default configurations

Open

#5 aberto em 6 de mar. de 2018

Ver no GitHub
 (1 comment) (0 reactions) (1 assignee)JavaScript (1 fork)github user discovery
help wanted

Métricas do repositório

Stars
 (13 stars)
Métricas de merge de PR
 (Métricas PR pendentes)

Description

This issue will be updated with the current defaults used by this package while hashing your passwords.

Please comment on this issue to get them updated.

Defaults

/**
 * Default configurations used to generate a new hash.
 * @private
 * @type {Object}
 */
const defaultConfigs = {
  // Minimum number of rounds recommended to ensure data safety,
  // this value changes every year as technology improves.
  iterations: 25000,

  // The minimum recommended size for the salt is 128 bits.
  saltSize: 16, // bytes

  // SHA-1 is sufficient, using SHA-256 or SHA-512 has the benefit of
  // significantly increasing the memory requirements, which increases the cost
  // for an attacker wishing to attack use hardware-based password crackers
  // based on GPUs or ASICs.
  digest: 'sha512',
};

Last Update: 01/04/2018 (dd/mm/yyyy)

Guia do colaborador