bscrypt
A cache hard password hash/KDF (by Sc00bz)
hmac-bcrypt
The hmac-bcrypt password hashing function (by epixoip)
bscrypt | hmac-bcrypt | |
---|---|---|
6 | 1 | |
40 | 59 | |
- | - | |
0.0 | 10.0 | |
over 1 year ago | over 1 year ago | |
C++ | C | |
Creative Commons Zero v1.0 Universal | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bscrypt
Posts with mentions or reviews of bscrypt.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-13.
-
Backups of ALL customer vault data, including encrypted passwords and decrypted authenticator seeds, exfiltrated in 2022 LastPass breach, You will need to regenerate OTP KEYS for all services and if you have a weak master password or low iteration count, you will need to change all of your passwords
Not compared to a more modern password hashing function like bscrypt or Argon2. PBKDF2 with 100k iterations is actually rather low for current recommendations. And it's not memory-hard, which makes it possible to use GPUs to speed up cracking dramatically.
-
So I created a custom KDF. Bad idea?
Regarding cache-hard KDFs, check out Argon2ds, Pufferfish2, hmac-bcrypt, and bscrypt.
-
On PBKDF2 iterations
bscrypt looks like a better alternative nowadays https://github.com/Sc00bz/bscrypt
-
On PBKDF2 Iterations
Argon2 requires a ton of RAM, that servers could use for more interesting things.
bscrypt looks like a better alternative nowadays: https://github.com/Sc00bz/bscrypt
- Bscrypt – A cache hard password hash/KDF
hmac-bcrypt
Posts with mentions or reviews of hmac-bcrypt.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-13.
-
So I created a custom KDF. Bad idea?
Regarding cache-hard KDFs, check out Argon2ds, Pufferfish2, hmac-bcrypt, and bscrypt.
What are some alternatives?
When comparing bscrypt and hmac-bcrypt you can also consider the following projects:
Argon2 - Memory-hard scheme Argon2
yescrypt - Password-based key derivation function and password hashing scheme building upon scrypt
pufferfish - Pufferfish2 password hashing scheme
c-hash - LiamLoads is a fast and secure 256-bit hashing function in pure C.