Actions
Improvements #13041
closedChange bcrypt iterations according to ASVS standards
Start date:
09/13/2024
Due date:
% Done:
100%
Estimated time:
Description
The ASVS indicates that a minimum of 10 iterations ought to be used.
This is the absolutely minimum currently, and we should probably already ensure we use more iterations than this.
The BCryptTest can be extended, such that it loops over a number of iterations (say [5,15]). We can take a sweet spot as the new default there (as indicated with a minimum of 10).
Updated by Romain Mardulyn 3 months ago
- Status changed from InProgress to Review
Updated by Matthias Van Ceulebroeck about 2 months ago
- Target version changed from 4.11.2 to 4.11.1
Updated by Matthias Van Ceulebroeck about 2 months ago
- Status changed from Review to Implemented @Emweb
- Assignee set to Romain Mardulyn
- % Done changed from 0 to 100
Updated by Matthias Van Ceulebroeck about 2 months ago
- Status changed from Implemented @Emweb to Implemented @Test
Updated by Matthias Van Ceulebroeck about 2 months ago
- Status changed from Implemented @Test to Closed
Actions