7

It was. But me (@jmgosney) and @Sc00bzT were both on the experts panel for the P...

 1 year ago
source link: https://nitter.net/TerahashCorp/status/1155129705034653698
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

"It was. But me (@jmgosney) and @Sc00bzT were both on the experts panel for the Password Hashing Competition, and both of us will tell you not to use Argon2 for password hashing. It is weaker than bcrypt at runtimes < 1000 ms."|nitter

Ever wondered what a #hashstack @hashcat cluster of 448x RTX 2080s could do for #password #cracking? How about 31.8 TH/s on NTLM, 17.7 TH/s on MD5
media%2FEAfIvuXXoAE64PM.jpg%3Fname%3Dsmall
We don't have support for Argon2 in Hashcat or Hashstack. But you shouldn't use Argon2 anyway, unless you are using it as a KDF instead of a PHF.
Huh? This is the first time I've heard someone say not to use argon2 for passwords. Wasn't it specifically designed with that purpose? password-hashing.net/
It was. But me (@jmgosney) and @Sc00bzT were both on the experts panel for the Password Hashing Competition, and both of us will tell you not to use Argon2 for password hashing. It is weaker than bcrypt at runtimes < 1000 ms.

Jul 27, 2019 · 2:55 PM UTC · Twitter Web App


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK