> > Peter Gutmann's Security Engineering > (https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf) has a good > treatment of Passwords in general. See Chapter 7 on page 563. >
Thank you will read. > John Stevens of OWASP performed threat modelling of passwords in > storage on the server. See Secure Password Storage > (https://docs.google.com/document/d/1R6c9NW6wtoEoT3CS4UVmthw1a6Ex6TGSBaEqDay5U7g). Will check this but we are specifically trying to avoid storing passwords _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography