Yubico / yubico-pam

Yubico Pluggable Authentication Module (PAM)
https://developers.yubico.com/yubico-pam
BSD 2-Clause "Simplified" License

ykpamcfg uses bare minimum (weak?) PBKDF2 iteration count #245

Open peter021 opened 1 year ago

peter021 commented 1 year ago

Yes, NIST says the iterations count should be "at least 10 000 iterations" but today many computers are faster and PBKDF2 is vulnerable (right word?) to adversaries using optimized hardware. "ykpamcfg" should use a random iterations count for each run that falls somewhere between 50 000 and 200 000 iterations.
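The proposal above, sketched as an added example that is not part of the issue and is not yubico-pam's code: a per-run random iteration count only works if the count is stored beside the salt and hash, and the verifier should refuse counts outside the allowed range so an edited record cannot lower the cost. The record layout, salt length and HMAC hash used here are assumptions made for the sketch.

```python
import hashlib
import hmac
import secrets

MIN_ITER = 50_000    # lower bound proposed in the issue
MAX_ITER = 200_000   # upper bound proposed in the issue
SALT_LEN = 32        # assumption: salt length in bytes
HASH = "sha256"      # assumption: PRF chosen for this sketch


def pick_iterations() -> int:
    """Draw a fresh iteration count in [MIN_ITER, MAX_ITER] from the CSPRNG."""
    return MIN_ITER + secrets.randbelow(MAX_ITER - MIN_ITER + 1)


def make_record(secret: bytes) -> str:
    """Derive a key and return 'iterations:salt_hex:hash_hex' (hypothetical layout)."""
    iterations = pick_iterations()
    salt = secrets.token_bytes(SALT_LEN)
    dk = hashlib.pbkdf2_hmac(HASH, secret, salt, iterations)
    return f"{iterations}:{salt.hex()}:{dk.hex()}"


def verify_record(record: str, secret: bytes) -> bool:
    """Recompute with the stored salt and count; reject out-of-range counts."""
    try:
        iter_s, salt_hex, hash_hex = record.split(":")
        iterations = int(iter_s)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record
    if not MIN_ITER <= iterations <= MAX_ITER:
        return False  # an edited or legacy record must not lower (or inflate) the cost
    dk = hashlib.pbkdf2_hmac(HASH, secret, salt, iterations)
    return hmac.compare_digest(dk, expected)  # constant-time comparison


if __name__ == "__main__":
    rec = make_record(b"constructed-sample-secret")  # constructed input
    print(rec.split(":")[0], verify_record(rec, b"constructed-sample-secret"))
```
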