undefined | Better HN

0 pointstptacek17y ago0 comments

It would be great if we could just give a consistent, clear recommendation for people to use bcrypt here. You're a BSD person, I assume you like Mazieres and Niels as much as I do. MD5(MD5(MD5(etc))) is still pretty silly. Why hack? Do it right.

0 comments

2 comments · 1 top-level

cperciva17y ago· 1 in thread

MD5(MD5(MD5(etc))) is still pretty silly. Why hack? Do it right.

I wasn't suggesting that people should use iterated MD5 has a password hash. I was giving it as an example of how a password hash can be made more brute-force-resistant by doing extra work.

It would be great if we could just give a consistent, clear recommendation for people to use bcrypt here.

I'm not arguing with that. Hey everybody, do what Thomas says and use bcrypt!

But -- maybe due to my background in academia -- I think it's really important for people to understand why the authentication schemes they keep on inventing are bad. You're doing a good job of jumping in and telling everybody to use bcrypt -- so I'm taking care of explaining the cryptography so that people will understand what they're doing wrong and what bcrypt does right.

tptacekOP17y ago

You're also stronger on crypto than I am. The background is neat, but we probably don't want to fall into the trap that Schneier did, documenting a lot of trivia and failing to provide clear explanations, so that we wind up with applications that use CAST and Interlock instead of TLS. =)

j / k navigate · click thread line to collapse