simonepri/phc-pbkdf2

Secure default configurations

Open

#5 建立於 2018年3月6日

在 GitHub 查看
 (1 留言) (0 反應) (1 負責人)JavaScript (1 fork)github user discovery
help wanted

倉庫指標

Star
 (13 star)
PR 合併指標
 (PR 指標待抓取)

描述

This issue will be updated with the current defaults used by this package while hashing your passwords.

Please comment on this issue to get them updated.

Defaults

/**
 * Default configurations used to generate a new hash.
 * @private
 * @type {Object}
 */
const defaultConfigs = {
  // Minimum number of rounds recommended to ensure data safety,
  // this value changes every year as technology improves.
  iterations: 25000,

  // The minimum recommended size for the salt is 128 bits.
  saltSize: 16, // bytes

  // SHA-1 is sufficient, using SHA-256 or SHA-512 has the benefit of
  // significantly increasing the memory requirements, which increases the cost
  // for an attacker wishing to attack use hardware-based password crackers
  // based on GPUs or ASICs.
  digest: 'sha512',
};

Last Update: 01/04/2018 (dd/mm/yyyy)

貢獻者指南