[Haskell-cafe] Password hashing

Bulat Ziganshin bulat.ziganshin at gmail.com
Wed Oct 29 09:47:41 EDT 2008

Hello Bit,

Wednesday, October 29, 2008, 4:32:51 PM, you wrote:

>> It's a good idea to salt your passwords before hashing, though. See
> What can be used for generating a random salt? Is System.Random secure enough?

if you use mkStdRNG it's good enough for non high-secure programs. it
inits rnd generator with current time upo to picoseconds (if your OS
provides such granularity). you can add a bit f security by reading a
few bytes from /dev/urandom and passing these to mkStdRNG

Best regards,
 Bulat                            mailto:Bulat.Ziganshin at gmail.com

More information about the Haskell-Cafe mailing list