A more advanced version of "Use Bcrypt" (link in comments). TLDR: Use PBKDF2 if company policy requires standards and accreditations, use the superior Scrypt if a reliable implementation exists for your stack, use Bcrypt otherwise. Never use SHAx hashes. scrypt > bcrypt > PBKDF2 > all else.
1 comment | 1 favorite
almost 4 years ago, by kurtosis
An absolute must-read if you plan to roll your own authentication from scratch, or are working with other sensitive passwords/data. Use bcrypt to safely store your passwords.
4 comments | 0 favorites
over 4 years ago, by pineapple