Ako Suminoe :njp: on Nostr: This is also why using a password manager with crypto-random generated passwords that ...
This is also why using a password manager with crypto-random generated passwords that are site-unique is important. For security to work, it has to be convenient enough that people don't take shortcuts around it.
Also, sure pbkdf2 is not the worst thing in the world, but OWASP only recommends it when targetting FIPS. Is there a reason that we aren't using argon2id, or at least scrypt or bcrypt?
Published at
2023-08-13 08:39:04Event JSON
{
"id": "eec45cf7b8fbb382ad26ad6f983cf7afbc13c9f153948f3671534375069f0c3b",
"pubkey": "5f01776c0691515e825871d13aaafc46d807201cb4332c0d7112c3386ffb2e24",
"created_at": 1691915944,
"kind": 1,
"tags": [
[
"p",
"6be61ca6c65a6d80ae4deb98eb27943cba1bc93dfc975b8161028c099c2b54dc",
"wss://relay.mostr.pub"
],
[
"p",
"79c4b3e2b1e7d8d74fa652cdc1dee37f9cd08fefdc13a79f8d1146c0b69fd1fb",
"wss://relay.mostr.pub"
],
[
"p",
"2beb3c33e63568fe28b3d97c5ff795af72576394038ce160bc2122781e3036b9",
"wss://relay.mostr.pub"
],
[
"p",
"3ba9aa8fc1bbff68f18a109959374aad3e258eb8131b260a61733bfb9a8a74f7",
"wss://relay.mostr.pub"
],
[
"e",
"dcf6ccc0867727ef256d3a18554e568e5db30ee016b2d19b551152f6ae929a45",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://poa.st/objects/054048bc-0b0e-4f60-bd35-fba95c854582",
"activitypub"
]
],
"content": "This is also why using a password manager with crypto-random generated passwords that are site-unique is important. For security to work, it has to be convenient enough that people don't take shortcuts around it.\n\nAlso, sure pbkdf2 is not the worst thing in the world, but OWASP only recommends it when targetting FIPS. Is there a reason that we aren't using argon2id, or at least scrypt or bcrypt?",
"sig": "439ef90e7b9a25c52ad3a6a3f91a8c3e0224b6a028bd0be61a6d99023e0b3b3e97c5feb208e9f84c0f245cd828fbb1f8886d4f03f16bfee1908f7d76b28068ff"
}
