Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

README.md

crypto-password

Build Status

A Clojure library for securing user passwords using a key derivation function. Supports the following algorithms:

Installation

Add the following dependency to your project.clj file:

[crypto-password "0.2.1"]

Usage

Pick an encryption algorithm, either pbkdf2, bcrypt or scrypt:

(require '[crypto.password.<algorithm> :as password])

Then use the encrypt function to apply a secure, one-way encryption algorithm to a password:

(def encrypted (password/encrypt "foobar"))

And the check function to check the encrypted password against a plaintext password:

(password/check "foobar" encrypted) ;; => true

Defaults

The default options for the key derivation algorithms were chosen based on benchmarks carried on on a AWS t1.micro server running Ubuntu 13.10 (ami-35dbde5c), in March 2014.

On this hardware, the key derivation functions take approximately 200ms to complete with their default options. This is a short enough time to not be an inconvenience for a human being, but long enough to make brute forcing encrypted passwords very costly.

Documentation

License

Copyright © 2019 James Reeves

Distributed under the Eclipse Public License, the same as Clojure.

You can’t perform that action at this time.