Questions tagged [bcrypt]

BCrypt is an adaptive cryptographic hash function for passwords. It incorporates a salt to protect against rainbow table attacks, and because it is adaptive its work factor can be increased over time so it remains resistant to brute-force search attacks against the hash and the salt.

217 questions
658 votes, 4 answers

Do any security experts recommend bcrypt for password storage?

On the surface bcrypt, an 11 year old security algorithm designed for hashing passwords by Niels Provos and David Mazieres, which is based on the initialization function used in the NIST approved blowfish algorithm seems almost too good to be true.…
Sam Saffron
543 votes, 11 answers

Is my developer's home-brew password security right or wrong, and why?

A developer, let's call him 'Dave', insists on using home-brew scripts for password security. See Dave's proposal below. His team spent months adopting an industry standard protocol using Bcrypt. The software and methods in that protocol are not…
nallenscott
127 votes, 3 answers

Recommended # of rounds for bcrypt

What is nowadays (July 2012) the recommended number of bcrypt rounds for hashing a password for an average website (storing only name, email address and home address, but no credit card or medical information)? In other words, what is the current…
Jason Smith
117 votes, 3 answers

Does bcrypt have a maximum password length?

I was messing around with bcrypt today and noticed something: hashpw('testtdsdddddddddddddddddddddddddddddddddddddddddddddddsddddddddddddddddd', salt) Output:…
d0ctor
103 votes, 1 answer

In 2018, what is the recommended hash to store passwords: bcrypt, scrypt, Argon2?

There are many questions about picking a hash function, including How to securely hash passwords? or Are there more modern password hashing methods than bcrypt and scrypt?, with very detailed answers, but most of them date quite a bit. The consensus…
jcaron
96 votes, 5 answers

What is the specific reason to prefer bcrypt or PBKDF2 over SHA256-crypt in password hashes?

We know that to slow down password cracking in case of a password database leak, passwords should be saved only in a hashed format. And not only that, but hashed with a strong and slow function with a possibility to vary the number of rounds. Often…
ilkkachu
83 votes, 10 answers

Why improvising your own Hash function out of existing hash functions is so bad

I'm afraid I'll have tomatoes thrown at me for asking this old question, but here goes. After reading that cooking up your own password hash out of existing hashing functions is dangerous over and over again I still don't understand the logic. Here…
George Powell
62 votes, 4 answers

Is Bcrypt a hashing algorithm or is my study material wrong?

I'm currently studying for my Comptia Security+ exam and on a practice test online I got this question: Or, represented as text: ▶ Which of the following are hashing algorithms? (Select all that apply) ---------------------------------- ✔️ ☑️ …
treefidy
61 votes, 3 answers

Is bcrypt better than scrypt?

Possible Duplicate: Do any security experts recommend bcrypt for password storage? I'm no security expert and do not pretend to be; that's why I'm asking here. I write many PHP based applications and up to now I have been using bcrypt to hash my…
twigg
56 votes, 5 answers

Is using bcrypt on existing SHA1 hashes good enough when switching password implementation?

I'm working on improving a CMS where the current implementation of storing passwords is just sha1(password). I explained to my boss that doing it that way is incredibly insecure, and told him that we should switch to bcrypt, and he agreed. My plan…
Alex
50 votes, 3 answers

Which is the best password hashing algorithm in .NET Core?

What are the considerations when picking the best password hashing algorithm in .NET Core? I read that not all hashing algorithms are compliant / unverified, so I am hesitant on just getting various implementations from NuGet. Also, it is not…
Water
47 votes, 2 answers

Are there more modern password hashing methods than bcrypt and scrypt?

This question made me start thinking about password hashing again. I currently use bcrypt (specifically py-bcrypt). I've heard a lot about PBKDF2, and scrypt. What I'm wondering is if there are any "more modern" password hashing methods that I might…
Brendan Long
45 votes, 3 answers

Is bcrypt(strtolower(hex(md5(pass)))) ok for storing passwords?

I have a large database where passwords are stored as strtolower(hex(md5(pass))) (which is a bad way to store passwords, prone to rainbow tables, cheap to dictionary attack, no salt, etc.), and I'm tasked with switching from md5 to bcrypt, I have to…
user1067003
43 votes, 1 answer

How to apply a pepper correctly to bcrypt?

Update: There is a better way to add a server side key, than using it as a pepper. With a pepper an attacker must gain additional privileges on the server to get the key. The same advantage we get by calculating the hash first, and afterwards…
martinstoeckli
38 votes, 8 answers

Client side password hashing

Edit: Updated to put more emphasis on the goal - peace of mind for the user, and not beefing up the security. After reading through a few discussions here about client side hashing of passwords, I'm still wondering whether it might be OK to use it…
Foy Stip