27 lines
1.1 KiB
Plaintext
27 lines
1.1 KiB
Plaintext
==== Use secure password hashing algorithms
|
|
|
|
In general, you should rely on an algorithm that has no known security
|
|
vulnerabilities. The MD5 and SHA-1 algorithms should not be used.
|
|
|
|
Some algorithms, such as the SHA family functions, are considered strong for
|
|
some use cases, but are too fast in computation and therefore vulnerable to
|
|
brute force attacks, especially with bruteforce-attack-oriented hardware.
|
|
|
|
To protect passwords, it is therefore important to choose modern, slow
|
|
password-hashing algorithms. The following algorithms are, in order of strength,
|
|
the most secure password hashing algorithms to date:
|
|
|
|
. Argon2
|
|
. scrypt
|
|
. bcrypt
|
|
. PBKDF2
|
|
|
|
Argon2 should be the best choice, and others should be used when the previous
|
|
one is not available. For systems that must use FIPS-140-certified algorithms,
|
|
PBKDF2 should be used.
|
|
|
|
Whenever possible, choose the strongest algorithm available. If the algorithm
|
|
currently used by your system should be upgraded, OWASP documents possible
|
|
upgrade methods here:
|
|
https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#upgrading-legacy-hashes[Upgrading Legacy Hashes].
|