Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Password security is a concern for many.
I would like to include a “Learn about our password security” link that explains that we use bcrypt for password hashing and how it works.
Does making this information public cause any security worries or make my system less secure?
What you are referring is Security through obscurity. It is presumed that – except for the key – a crypto system should remain safe even if it is known. If you depend on the secrecy of the implementation, you should move to another system.
In your case of hashing, it should be put that if no backhash known method exists, the system is safe. The more people use your hashing algo, and the more it stands to the passing of time, the safer it is.