Here is the text of the NIST sp800-63b Digital Identity Guidelines.

  • frezik@midwest.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 month ago

    OK. How do you reconcile that with “Hashing passwords isn’t even the best practice at this point”? Key derivation functions are certainly the recommended approach these days. If they are hashes, then your earlier post is wrong, and if they aren’t hashes, then your next post was wrong.