- ASP.NET Core 2 High Performance(Second Edition)
- James Singleton
- 148字
- 2021-07-08 09:39:01
Slower is sometimes better
In some situations, processes are designed to be slow, and this is essential to their operation and security. A good example of this, which may be a hit in profiling, is password hashing or key stretching. A secure password hashing function should be slow so that the password, which (despite being bad practice) may have been reused on other services, is not easily recovered.
We should not use generic hashing functions, such as MD5, SHA1, and SHA256, to hash passwords because they are too quick. Some better algorithms that are designed for this task are PBKDF2 and bcrypt or even Argon2 for new projects. Always remember to use a unique salt per password too. We won't go into any more details here, but you can clearly see that speeding up password hashing would be bad, and it's important to identify where to apply optimizations.
- Java程序設(shè)計(jì)與開(kāi)發(fā)
- 在最好的年紀(jì)學(xué)Python:小學(xué)生趣味編程
- Monkey Game Development:Beginner's Guide
- 大學(xué)計(jì)算機(jī)基礎(chǔ)實(shí)驗(yàn)教程
- Network Automation Cookbook
- C#程序設(shè)計(jì)(慕課版)
- C語(yǔ)言程序設(shè)計(jì)
- 物聯(lián)網(wǎng)系統(tǒng)開(kāi)發(fā):從0到1構(gòu)建IoT平臺(tái)(第2版)
- Microsoft System Center Orchestrator 2012 R2 Essentials
- SharePoint Development with the SharePoint Framework
- R數(shù)據(jù)科學(xué)實(shí)戰(zhàn):工具詳解與案例分析
- 快速入門(mén)與進(jìn)階:Creo 4·0全實(shí)例精講
- Apache Camel Developer's Cookbook
- 深度探索Go語(yǔ)言:對(duì)象模型與runtime的原理特性及應(yīng)用
- Elasticsearch Essentials