I was looking up hashing algorithms and strengths and people were complaining that SHA isn't good for secure applications.
People mentioned PBKDF2, bcrypt, and scrypt, so i was curious about them. I saw this thread http://shiro-user.582556.n2.nabble.com/Password-hashing-with-PBKDF2-td7577741.html which is a couple years old, so I'm not sure what has changed since then, but I figure I would ask what people think. I would like to be as secure as possible within the constraints of shiro and such. I also heard that using an AESCipher is a good idea? Thanks -- View this message in context: http://shiro-user.582556.n2.nabble.com/SHA-256-SHA-512-not-secure-enough-for-passwords-tp7580224.html Sent from the Shiro User mailing list archive at Nabble.com.
