You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Password hashes will be computed using a cryptographic hash function. The ideal hash function is slow and adjustable in terms of its computation time and memory usage. The argon2 family of algorithms is the recommendation of the Password Hashing Competition Panel. However, it is not part of the Python standard library and may require additional system dependencies. It also may be so slow that it hurts the user experience while logging in.
We should aim for the hash to be computable within one second on the weakest hardware on which Phoenix might run (e.g., the cheapest EC2 instance). Ultimately, any of bcrypt, scrypt, and argon2 will be acceptable for our purposes, and all are currently supported in Django.
The text was updated successfully, but these errors were encountered:
Password hashes will be computed using a cryptographic hash function. The ideal hash function is slow and adjustable in terms of its computation time and memory usage. The argon2 family of algorithms is the recommendation of the Password Hashing Competition Panel. However, it is not part of the Python standard library and may require additional system dependencies. It also may be so slow that it hurts the user experience while logging in.
We should aim for the hash to be computable within one second on the weakest hardware on which Phoenix might run (e.g., the cheapest EC2 instance). Ultimately, any of bcrypt, scrypt, and argon2 will be acceptable for our purposes, and all are currently supported in Django.
The text was updated successfully, but these errors were encountered: