[iraklism]

Million guesses per second vs thousands. Really interesting how SHA3 made its way to this blog post.

[whatevaa]

Still better than no hashing. Still a tough nut to crack if it's hashed plus salted with unique salt.

[oldcynic]

Ugh. It's supposed to be Best Practices, rather than better than nothing, and is ostensibly from Google. So should be limiting to the appropriate choices: bcrypt, scrypt, PBKDF2 or Argon2.

[isostatic]

Something they acknowledge later with SMS being a bad idea, but may be the best option for a specific workflow.

[user5994461]

Not everyone can used the last hype algorithm, whether because of library support, regulations or technical constraints.

[mediumdeviation]

bcrypt is old enough to vote this year

[cyberfart]

still can't drink in US though