[180212] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Password storage (was Re: gmail security is a joke)

daemon@ATHENA.MIT.EDU (Robert Kisteleki)
Thu May 28 05:29:36 2015

X-Original-To: nanog@nanog.org
Date: Thu, 28 May 2015 11:29:31 +0200
From: Robert Kisteleki <robert@ripe.net>
To: nanog@nanog.org
In-Reply-To: <alpine.BSF.2.00.1505271850140.99570@nog.angryox.com>
Errors-To: nanog-bounces@nanog.org

> Bcrypt or PBKDF2 with random salts per password is really what anyone
> storing passwords should be using today.

Indeed. A while ago I had a brainfart and presented it in a draft:
https://tools.ietf.org/html/draft-kistel-encrypted-password-storage-00

It seemed like a good idea at the time :-) It didn't gain much traction though.

Robert


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[180212] in North American Network Operators' Group

Password storage (was Re: gmail security is a joke)

daemon@ATHENA.MIT.EDU (Robert Kisteleki)Thu May 28 05:29:36 2015

daemon@ATHENA.MIT.EDU (Robert Kisteleki)
Thu May 28 05:29:36 2015