From further reading, turns out the current {salt(crypto:strong_rand_bytes(128)), hash(sha384)} hashing solution should not be considered secure. Problem is, switching to something like bcrypt (or PBKDF2) likely requires the addition of a third party library (which, in itself, is a security risk).
From further reading, turns out the current
{salt(crypto:strong_rand_bytes(128)), hash(sha384)}hashing solution should not be considered secure. Problem is, switching to something like bcrypt (or PBKDF2) likely requires the addition of a third party library (which, in itself, is a security risk).