all InfoSec news
To my AppSec people, is bcrypt still safe for Python for password management?
Oct. 15, 2023, 6:06 p.m. | /u/sma92878
cybersecurity www.reddit.com
I'm working on a personal application and I've been leveraging bcrypt for password hashing.
I'm using the bcrypt.hashpw and bcrypt.checkpw functions. I was also reading there some attacks with very long passwords so I'm first encoding and then hashing the passwords before I run them through bcrypt.
for hashing the password
bcrypt.hashpw(base64.b64encode(hashlib.sha256(password.encode('utf-8')).digest()), bcrypt.gensalt(14))
for decrypting the password
bcrypt.checkpw(base64.b64encode(hashlib.sha256(password.encode('utf-8')).digest()), hash)
Everything is functioning and working smoothly, I know these libraries change pretty frequently. I'm using SQLAlchemy …
application appsec attacks bcrypt cybersecurity encoding functions hashing hello management password password management passwords people personal python run safe working
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
13 hours ago |
www.reddit.com
State of WiFi Security in 2024
14 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
15 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC