by gaiusparx on 2/22/11, 1:59 PM with 2 comments
by barryaustin on 2/22/11, 3:15 PM
- For people not using a library or framework, use one!
- For people who build libraries and frameworks, consider bcrypt!
- For people who aren't cryptography deities, don't roll your own. Even Bruce Schneier needs heavy peer review.
And a nit - SHA-1 is showing its age and is being phased out; SHA-2 is much stronger and is widely available.
by goldmab on 2/22/11, 2:24 PM