发表新帖
发表新帖

Secure Password Hashing

前端 未结
关注
9 1411
鱼传尺愫
鱼传尺愫 2020-11-30 08:15

I need to store a hash of a single password in a .Net WinForms application.

What\'s the most secure way to do this?

In particular:

  • Salt, HMAC,
9条回答
  • 忘掉有多难
    忘掉有多难 (楼主)
    2020-11-30 08:21

    For a server-side implementation with a large number of passwords, you should definitely use a tunable iterated approach like bcrypt. This well-known article on the topic is still (mostly) relevant:

    http://www.securityfocus.com/blogs/262

    For a single password in a stand-alone application, where the storage location is probably already secured by the system's own authentication system, I think it's much less important. A single strong hash is likely good enough, and adding salt is easy enough that there's no reason not to do so.

    0 讨论(0)
 看不清?
提交回复
热议问题