|
|
|
|
|
|
by dependenttypes
2204 days ago
|
|
|
> Because it slows down anyone looking to crack/reverse the passwords? Good luck brute-forcing through 2^256 passwords. The speed of the hash function should not matter. If you still want a slow hash function though then just use more rounds. > The only thing protecting your high entropy password is the cost of the hash No, not really. It is the fact that the password is high entropy, combined with the preimage resistance of the hash. > If you could run infinite attempts in 2 seconds then even your high entropy password would fail. So would your pkdf. |
|
|