On Wed, Jul 6, 2011 at 14:43, Robert Newson <[email protected]> wrote: > Some time ago I wrote some code to implement the PBKDF2 protocol. This > is a cryptographically sound means of deriving a key from a password.
Why is this better than stuff like bcrypt or scrypt? The page for the latter, at least, states that it "is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2". Cheers, Dirkjan
