I'm reading the Wikipedia definition about bcrypt but I don't understand the meaning of 'adaptive' and 'over time it can be made slower'. Can someone explain what they mean in this situation?
1 Answer
4
One of the inputs to the bcrypt algorithm is the number of rekeying rounds that will be used when calculating the hash. As time passes, and the CPU power available to potential attackers increases, you can simply increase this parameter to keep up -- you'll have to find some way to re-hash all of your old stored passwords, of course.
Mike Scott
Related: http://security.stackexchange.com/questions/15847/is-it-possible-to-increase-the-cost-of-bcrypt-or-pbkdf2-when-its-already-calcula – Ladadadada Jun 11 '12 at 23:21
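An added example, not part of the original answer or comment: because a bcrypt hash string records the cost it was made with, old hashes stay verifiable after the target cost is raised, and one common way to re-hash them is at the next successful login. The function names, the sample strings and the `verify`/`make_hash` backend interface are assumptions made for this sketch.

```python
import re

# Layout: $<version>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{53})")

# Constructed strings with the right shape; not hashes of any real password.
SAMPLE_OLD = "$2b$10$" + "a" * 22 + "b" * 31
SAMPLE_NEW = "$2b$12$" + "c" * 22 + "d" * 31


def bcrypt_cost(stored):
    """Return the cost recorded in a bcrypt hash (rounds = 2**cost)."""
    m = BCRYPT_RE.fullmatch(stored)
    if not m:
        raise ValueError("not a bcrypt hash string")
    cost = int(m.group(2))
    if not 4 <= cost <= 31:
        raise ValueError("bcrypt cost must be between 4 and 31")
    return cost


def needs_rehash(stored, target_cost):
    return bcrypt_cost(stored) < target_cost


def verify_and_upgrade(stored, password, target_cost, verify, make_hash):
    """Return (ok, replacement); replacement is a new hash to store or None.

    verify(password, stored) -> bool and make_hash(password, cost) -> str are
    the bcrypt backend supplied by the caller (hypothetical interface).
    """
    if not verify(password, stored):
        return False, None
    # Only here is the plaintext available, so only here can an old
    # low-cost hash be replaced by one at the current target cost.
    if needs_rehash(stored, target_cost):
        return True, make_hash(password, target_cost)
    return True, None


def audit(hashes, target_cost):
    """Map account -> how many times cheaper its hash is to guess than target."""
    return {name: 2 ** (target_cost - bcrypt_cost(h))
            for name, h in hashes.items() if needs_rehash(h, target_cost)}
```

With the Python `bcrypt` package, `verify` can wrap `bcrypt.checkpw` and `make_hash` can wrap `bcrypt.hashpw(password, bcrypt.gensalt(rounds=cost))`, both of which take bytes. Accounts that never log in again keep their old cost, which is what `audit` reports.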