Change default crypto provider to SCrypt #392

Merged
merged 1 commit into from Feb 28, 2014

Conversation

Projects
None yet
2 participants

abedra commented Feb 21, 2014

It is well known that hashes, even when salted, are weak against offline
attacks. Since adaptive hash functions are already supported, default to
the best option so that users start off with the most secure choice by
default.

Signed-off-by: Aaron Bedra abedra@cigital.com

Change default crypto provider to SCrypt
It is well known that hashes, even when salted, are weak against offline
attacks. Since adaptive hash functions are already supported, default to
the best option so that users start off with the most secure choice by
default.

Signed-off-by: Aaron Bedra <abedra@cigital.com>
Owner

binarylogic commented Feb 28, 2014

I like everything in this commit, my concern is backwards compatibility

binarylogic added a commit that referenced this pull request Feb 28, 2014

Merge pull request #392 from abedra/master
Change default crypto provider to SCrypt

@binarylogic binarylogic merged commit 9bc2760 into binarylogic:master Feb 28, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment