Strong Password Hashing
This lesson discusses scrypt and Argon2, the two best password hashing algorithms available today.
We'll cover the following
Argon2 and scrypt
PBKDF2 and bcrypt require a configurable amount of CPU power. Argon2 and scrypt take this a step further and require memory also. This makes them harder to crack even on specialized hardware. We’ve already looked at PyNaCl’s Argon2 function, which also provides a scrypt implementation. Additionally, Python 3.6 and later versions provide hashlib.scrypt
.
scrypt is alright; its big problem is that it was used in the Litecoin digital currency. This prompted the development of Litecoin miners, which are basically scrypt solvers. scrypt should be able to handle these miners, but Argon2 is a safer choice, and the design is cleaner anyway.
Get hands-on with 1400+ tech skills courses.