Y
Hacker News
new
|
ask
|
show
|
jobs
by
Joker_vD
907 days ago
Or you can just use SHA-256 instead and not bother with subtle details about which uses are safe and which are not.
3 comments
forward1
907 days ago
Or you can't, for example because you already signed a 20 year root with SHA-1. Nor does it matter in this example and many others.
link
mr_mitm
907 days ago
Still depends. Using SHA-256 for password storage is bad. Argon2 would be a much safer bet. Or maybe scrypt or yescrypt.
link
postalrat
907 days ago
And blindly use a suggestion from hn without understanding the tradeoffs.
link