by chopin 3001 days ago
Do you have citations for this? AFAIK state of the art is to put the password through some password stretching algorithm (like PBKDF) and to encrypt the database with that. No need to store the password. I think NaCl offers out-of-the-box support for this.

EDITED to add: I am using Password Safe which is recommended by Bruce Schneier. What you describe would be an absolute noob mistake. He would be pretty embarrassed if you were right.

I think herbst is saying that password managers store the passwords being managed, not the master password used to encrypt the DB.
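
An added sketch of the scheme discussed in this thread (not code from either commenter, Password Safe, or NaCl): the master password is stretched with PBKDF2 into keys, the managed passwords are stored encrypted, and the vault holds only salt, iteration count, nonce, ciphertext and a MAC tag. The function names and iteration count are assumptions, and the HMAC-based keystream is a standard-library stand-in for a vetted AEAD.

```python
import hashlib, hmac, json, os

ITERATIONS = 600_000  # assumed work factor for this sketch

def _derive(master, salt, iterations):
    # Stretch the master password, then split the output into two keys.
    km = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, iterations, dklen=64)
    return km[:32], km[32:]

def _xor_stream(key, nonce, data):
    # Stand-in cipher: HMAC-SHA256 in counter mode, XORed over the data.
    # A real vault would use a vetted AEAD (e.g. NaCl's secretbox) instead.
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(mac_key, iterations, salt, nonce, ct):
    # Encrypt-then-MAC over every field that is written to disk.
    msg = iterations.to_bytes(4, "big") + salt + nonce + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(master, entries, iterations=ITERATIONS):
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive(master, salt, iterations)
    ct = _xor_stream(enc_key, nonce, json.dumps(entries).encode())
    tag = _tag(mac_key, iterations, salt, nonce, ct)
    # This dict is the whole vault: no master password and no hash of it.
    return {"iter": iterations, "salt": salt.hex(), "nonce": nonce.hex(),
            "ct": ct.hex(), "tag": tag.hex()}

def open_vault(master, vault):
    salt, nonce, ct = (bytes.fromhex(vault[k]) for k in ("salt", "nonce", "ct"))
    enc_key, mac_key = _derive(master, salt, vault["iter"])
    expected = _tag(mac_key, vault["iter"], salt, nonce, ct)
    # A wrong master password derives different keys, so the tag check fails;
    # nothing is ever compared against a stored password.
    if not hmac.compare_digest(expected, bytes.fromhex(vault["tag"])):
        raise ValueError("wrong master password or tampered vault")
    return json.loads(_xor_stream(enc_key, nonce, ct))

if __name__ == "__main__":
    # Constructed sample data, for illustration only.
    v = seal("correct horse battery staple", {"example.org": "hunter2-example"})
    print(sorted(v), open_vault("correct horse battery staple", v))
```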