Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I can't speak for other platforms, but at least as far as Ruby goes:

    $ gem install scrypt
    Building native extensions.  This could take a while...
    Successfully installed scrypt-1.0.3
    1 gem installed


Still I'd stick with bcrypt for ruby. It's in ActiveModel, so it's in Rails. It's in Authlogic. It's the default password storage in Datamapper. I can just point my fellow developer towards the documentation and say "use bcrypt" and be reasonably sure that a basically competent developer will get it right. That's a good thing in my book. Neither scrypt or PBKDF2 have that level of integration so far. When that changes, I'll reevaluate my decision.

Still, it's certainly good to keep in mind that there are alternatives, usage profiles and requirements differ and so do the solutions.


You can't go wrong with Ruby scrypt.

But then, unless you give up and don't use any of the three, you can't go wrong with any of these constructions.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: