> On 09/07/2023 4:37 PM CDT Craig Francis <cr...@craigfrancis.co.uk> wrote:
> 
> We recently discussed hashing and costs at one of our OWASP meetings; we came 
> to the conclusion that the default of 10 for bcrypt probably should be increased, 
> but only to 11 for typical websites. The main concern was about making 
> denial-of-service attacks easier (think of a normal website developer, who 
> won't limit the number of login attempts).
> 

I fought long and hard to get bcrypt down from cost 12 to only cost 10, even 
though cost 9 was overpowered vs the other settings. At the time cost "8.1" 
was equivalent to the other settings. After the recent settings increase of the 
others, cost "8.7" is equivalent. Currently all of the OWASP settings come 
directly from me except bcrypt. The only way I was able to get it down to cost 
10 was giving equivalent settings to cost 12 for the other algorithms, just to 
show that those numbers were obviously too high. Note that bcrypt cost 12 is 
currently as strong as PBKDF2-HMAC-SHA256 with ~6,000,000 iterations, which is 
an insane number for web auth.

Anyway, I don't look forward to arguing with OWASP to keep bcrypt at cost 10, 
even though it's currently 2.5x stronger than the other accepted settings.

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
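To check the cost-versus-iteration equivalence discussed in this thread on your own hardware, here is an added example (not from the thread, PHP, or OWASP) that times PHP's password_hash() bcrypt at costs 10 through 12 against hash_pbkdf2() with SHA-256; the 600,000-iteration reference setting, the sample password and the run count are assumptions chosen for illustration.

```php
<?php
// Added example: compare wall-clock cost of bcrypt (PHP's password_hash)
// against PBKDF2-HMAC-SHA256 (hash_pbkdf2) and derive the PBKDF2 iteration
// count and the fractional bcrypt cost that match each other in time.
declare(strict_types=1);

const PASSWORD_SAMPLE = 'correct horse battery staple'; // constructed test input
const PBKDF2_ITERATIONS = 600000;                       // assumed reference setting
const RUNS = 3;                                          // repetitions per measurement

// Average seconds for one bcrypt hash at the given cost.
function timeBcrypt(int $cost): float {
    $start = hrtime(true);
    for ($i = 0; $i < RUNS; $i++) {
        password_hash(PASSWORD_SAMPLE, PASSWORD_BCRYPT, ['cost' => $cost]);
    }
    return (hrtime(true) - $start) / 1e9 / RUNS;
}

// Average seconds for one PBKDF2-HMAC-SHA256 derivation (32-byte output).
function timePbkdf2(int $iterations): float {
    $salt = random_bytes(16);
    $start = hrtime(true);
    for ($i = 0; $i < RUNS; $i++) {
        hash_pbkdf2('sha256', PASSWORD_SAMPLE, $salt, $iterations, 32, true);
    }
    return (hrtime(true) - $start) / 1e9 / RUNS;
}

$pbkdf2Seconds = timePbkdf2(PBKDF2_ITERATIONS);
$secondsPerIteration = $pbkdf2Seconds / PBKDF2_ITERATIONS;
printf("PBKDF2-HMAC-SHA256 %d iterations: %.3f s\n", PBKDF2_ITERATIONS, $pbkdf2Seconds);

foreach ([10, 11, 12] as $cost) {
    $bcryptSeconds = timeBcrypt($cost);
    // PBKDF2 iteration count that takes as long as one hash at this bcrypt cost.
    $equivalentIterations = (int) round($bcryptSeconds / $secondsPerIteration);
    // bcrypt work doubles per cost step, so the fractional cost matching the
    // reference PBKDF2 setting is this cost shifted by log2 of the time ratio.
    $equivalentCost = $cost + log($pbkdf2Seconds / $bcryptSeconds, 2);
    printf("bcrypt cost %d: %.3f s ~ %s PBKDF2 iterations; reference ~ bcrypt cost %.1f\n",
        $cost, $bcryptSeconds, number_format($equivalentIterations), $equivalentCost);
}
```

Timings on the defending CPU are only a rough proxy for attacker throughput on GPUs, which is what the equivalences quoted in the thread refer to, so treat the output as a sanity check rather than a replacement for those figures.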
