For password hashing, bcrypt *is* better, by design. There's absolutely
no ambiguity here, the consensus is fully in favour of bcrypt. Hashes
like SHA512 are general purpose, designed to run really fast, whereas
bcrypt is explicitly for secure hashing and is deliberately, tuneably
slow. There are m
Please ignore my last comment. bcrypt is undoubtedly better than a
single round of SHA512 as a password hash (what I was on about), but
SHA512 is not the same thing as the multiple rounds used in SHA512-CRYPT
that's in libc and in Ulrich's paper.
--
You received this bug notification because you
2 matches
Mail list logo
