-
Reading http://www.codeigniter.com/userguide3/general/security.html#password-handling I noticed there is a recommendation:
> DO NOT put artificial limits on your users’ passwords.
>
> There’s no poi…
-
```
Once issue 830 is fixed, I intend to use Guavas Hashing API for creating
password hashes. At the moment, the code would look something like this:
public static String encodePassword(String passw…
-
```
Once issue 830 is fixed, I intend to use Guavas Hashing API for creating
password hashes. At the moment, the code would look something like this:
public static String encodePassword(String passw…
-
Currently client autgentication is very insecure. A client simply sends a SHA-1 hash of their player name and password to the server. There are practical ways to exploit this and do very, very bad t…
-
```
Once issue 830 is fixed, I intend to use Guavas Hashing API for creating
password hashes. At the moment, the code would look something like this:
public static String encodePassword(String passw…
-
```
Once issue 830 is fixed, I intend to use Guavas Hashing API for creating
password hashes. At the moment, the code would look something like this:
public static String encodePassword(String passw…
-
```
Once issue 830 is fixed, I intend to use Guavas Hashing API for creating
password hashes. At the moment, the code would look something like this:
public static String encodePassword(String passw…
-
```
It would be useful to add an (optional) C extension to passlib which could
speed up some of the core routines, ala how simplejson does things.
C backends for mdes_encrypt_block() and pbkdf2() wo…
-
First, great library. Thanks.
I'm using a salt for my passwords and found it odd that when hashing my password there was an argument for the salt, but when comparing my passwords there is not. I was …
-
```
hi, it seems that passlib uses external BCrypt is slower than the embeeded one
used by cryptacular:
i got 0.40 for passlib Bcrypt, and 0.37 for cryptacular, the difference is not
big, it's alwa…