Revision as of 14:41, 4 March 2023 edit Plastikspork (talk \| contribs) Edit filter managers, Administrators 260,138 edits Undid revision 1142744351 by 2601:643:8C80:F50:1C7D:BA0F:38F9:BC7C (talk) Tag: Undo ← Previous edit		Revision as of 23:19, 17 May 2023 edit undo JHP (talk \| contribs) Extended confirmed users 5,311 edits →Password hashing: Listed OWASP recommended KDFs for password hashing. Next edit →
Line 39: In 2013 a [[Password Hashing Competition]] was announced to choose a new, standard algorithm for password hashing. On 20 July 2015 the competition ended and [[Argon2]] was announced as the final winner. Four other algorithms received special recognition: Catena, Lyra2, Makwa and yescrypt.<ref>[https://password-hashing.net/ "Password Hashing Competition"]</ref> As of May 2023, [[OWASP]] recommends the following KDFs for password hashing, listed in order of priority:<ref name="owasp">{{cite web\|url=https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html \| title=Password Storage Cheat Sheet \| work=OWASP Cheat Sheet Series \|publisher=OWASP \|accessdate=2023-05-17}}</ref> 1. [[Argon2\|Argon2id]] 2. [[scrypt]] if Argon2id is unavailable 3. [[bcrypt]] for legacy systems 4. [[PBKDF2]] if FIPS-140 compliance is required == References ==

Key derivation function: Difference between revisions