Bank: Authentication update to stronger standards
I’ve been doing a lot of reading on cryptography lately. Some of my goals require a deep knowledge of encryption and how to implement successfully, so diving in now is an ideal time. One of the first updates I decided to do, in order to strengthen the banking project, was to update the password storage. I took a lead from the OWASP guidelines: Use a unique salt per password Have a sane, long minimum for password length Use an expensive cryptography function for hash calculation Argon2 At the top of the list of recommended hashing functions was Argon2. »