What should passwords be hashed with?

what-should-passwords-be-hashed-with?

Have you considered !

It is my understanding that using SHA256 and using the resulting hash to create an AES256 cipher is sufficient. That SHA256 is only vulnerable when birthday attacks are possible such as data integrity. Is this correct?

Log in or sign up to leave a comment

level 1

Argon2id would be my recommendation. If that is not available, then bcrypt would be my second choice.

level 1

Wait, are you hashing passwords or are you deriving an AES key from a password? Passwords should be salted and hashed, but AES keys should be derived using something like PBKDF2.

level 2

I’m think I’m using PBKDF2 in the AES class, but I’m not too sure what most of the code does. Honesty I made it a while ago and I’ll I know is it takes a 256 bit byte array on creation I’m getting from a SHA256 class.

level 2

I’m hashing (and salting) the password with SHA256 and using the result as an AES key

level 1

There are specific functions that are designed for passwords. Things like Argon2 and its derivatives are memory and CPU intensive to make computing them incredibly costly resource wise. OWASP has a good cheat sheet on what to use.

level 1

· 21 hr. ago · edited 20 hr. agoSecurity Engineer

Passwords should be Salted (with a Unique Salt) then Hash (SHA 256 is good) then stored in an encrypted DB

You'll wanna look at things Bcrypt or something like that.

level 1

OP: good on you to reach out for advice. Sometimes this stuff can be tricky and getting help is an easy step towards preventing a major issue.

level 1

Don't forget about IVs (or Nounces if you are using AES-GCM)

On a final note, I’d like to add that camDown has a modern UI, that is secure and has the improved features that you need and I can tell your smart friends would say the same.