Birdwatch Note Rating
2024-08-01 08:46:48 UTC - HELPFUL
Rated by Participant: 0129B9C5DA274760477051AF2B8F022E1CC11A1AA9B2154E91DA34D1C22532E9
Participant Details
Original Note:
Storing plaintext passwords is insecure. Always hash passwords using bcrypt, Argon2, or PBKDF2 at least. Example: ```python import bcrypt hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()) bcrypt.checkpw(password.encode('utf-8'), hashed) ``` https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html https://pages.nist.gov/800-63-3/sp800-63b.html#sec5
All Note Details