April King <ap...@grayduck.mn> added the comment:
Django uses 390,000 iterations as of late 2021, as does the Python Cryptography project. We should be aligned with their recommendations, or at least a good deal closer than we are now. 390,000 actually makes it a conservative recommendation for key derivation, as that number of rounds takes ~133ms to compute on my M1 versus 36ms. Usually you're shooting for ~250ms. Being off by ~50% is probably okay, being off by this much is considerably worse. Anyways, I'd be happy to make such a PR if folks are amenable to it. ---------- nosy: +april _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue42982> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
