Closed noraj closed 7 years ago
argon2 ftw! although implementations are scarce it looks very promising, would be nice to see in flood! https://www.npmjs.com/package/argon2 https://stormpath.com/blog/secure-password-hashing-in-node-with-argon2
@sachaw It doesn't need many implementations if the existing ones are good 😄
Sure, this is a good idea.
@noraj1337 I was referring to native language implementations, but you are right.
@noraj1337 thanks for opening this issue! I'll work on implementing argon2 next.
I'd be thrilled if everyone in this thread could review my proposed implementation: https://github.com/jfurrow/flood/pull/523
@jfurrow Looks great for me (as a nodejs agnostic).
Issue https://github.com/jfurrow/flood/issues/483 : bcrypt via node-gyp fails to compile on FreeBSD was closed because randomnonsense found a way to compile on FreeBSD but there is still the discussion about changing from bcrypt to a more modern and more secure hashing password algorithm like Argon2.
Here were some of my comments on from isse #483 :
https://github.com/jfurrow/flood/issues/483#issuecomment-338382112
https://github.com/jfurrow/flood/issues/483#issuecomment-338460908
https://github.com/jfurrow/flood/issues/483#issuecomment-338461684