12 October 2011
- 10:0110:01, 12 October 2011 diff hist +1 WebAppSec/Secure Coding Guidelines →Password Storage
- 10:0010:00, 12 October 2011 diff hist +219 WebAppSec/Secure Coding Guidelines Small clarification on the secureness of bcrypt.
- 09:5909:59, 12 October 2011 diff hist −340 WebAppSec/Secure Coding Guidelines Using HMAC + bcrypt has absolutely zero advantage over using plain bcrypt. In fact, it's as stupid as hashing a hash. HMAC is meant for weak algorithms such as the SHA family.