A CLI to easily manage .env files and keep them consistent. It is simple, fast, error resistant, and composable.
This cheat sheet advises you on the proper methods for storing passwords for authentication. When passwords are stored, they must be protected from an attacker even if the application or database is compromised. Fortunately, a majority of modern languages and frameworks provide built-in functionality to help store passwords safely.
However, once an attacker has acquired stored password hashes, they are always able to brute force hashes offline. Defenders can slow down offline attacks by selecting hash algorithms that are as resource intensive as possible.
To sum up our recommendations:
Use Argon2id with a minimum configuration of 19 MiB of memory, an iteration count of 2, and 1 degree of parallelism.
If Argon2id is not available, use scrypt with a minimum CPU/memory cost parameter of (2^17), a minimum block size of 8 (1024 bytes), and a parallelization parameter of 1.
For legacy systems using bcrypt, use a work factor of 10 or more and with a password limit of 72 bytes.
If FIPS-140 compliance is required, use PBKDF2 with a work factor of 600,000 or more and set with an internal hash function of HMAC-SHA-256.
Consider using a pepper to provide additional defense in depth (though alone, it provides no additional secure characteristics).
As of May 2023, OWASP recommends the following KDFs for password hashing, listed in order of priority:
- Argon2id
- scrypt if Argon2id is unavailable
- bcrypt for legacy systems
- PBKDF2 if FIPS-140 compliance is required
https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
Berkeley Mono Typeface
PostgreSQL zero-downtime migrations made easy
You will be tasked with growing the Trust & Safety team at a social media startup and navigating a series of difficult dilemmas. Get ready to make tough moderation decisions, shape platform policies, and invest in your team as the company scales from small startup to IPO.
a fork of sqlite that is “open to contribution”