Crypt For Passwords
Published in
8 min readJun 4, 2023
Let’s talk about password hashing. Whenever I review code, I’m always surpised to see that many developers still hash secrets with SHA-1 or SHA-256 to generate encryption keys or to store passwords. Overall, these hashing methods are fast, and are thus prone to brute force analysis with GPU cracking.
In OpenSSL, we have support for a number of hashed password options [here]: