Bcrypt vs identiy加密 [英] Bcrypt vs identiy encryption
本文介绍了Bcrypt vs identiy加密的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在为.Net Core应用程序实现Identity访问控制的过程。
它的密码哈希与Bcrypt相比如何?用Bcrypt替换它的情况?
我尝试过:
NA,这是意见而不是帮助的请求
解决方案
BCrypt是一个散列函数!
它只是故意制作得很慢蛮力更难:哈希行动:了解bcrypt [ ^ ]
In我认为你可以按照它的方式使用Identity;它使用的是PBKDF2 + HMAC-SHA,并且很可能在使用它的代码中存在任何缺陷而不是算法本身。
你可以阅读什么标识在这里使用:
探索ASP.NET核心身份PasswordHasher [ ^ ]
I'm in the process of implementing Identity for access control on a .Net Core application.
How does its password hashing compare to Bcrypt and is there a case for replacing it with Bcrypt?
What I have tried:
NA, this is a request for opinions rather than assistance
解决方案
BCrypt is a hashing function!.
It's just deliberately slow to make it harder to brute force: Hashing in Action: Understanding bcrypt[^]
In my opinion you are fine with using Identity the way it is; it is using PBKDF2+HMAC-SHA and most likely any flaws will be in the code using it as opposed to the algorithm itself.
You can read up on what Identity uses here:
Exploring the ASP.NET Core Identity PasswordHasher[^]
这篇关于Bcrypt vs identiy加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文