Birdwatch Note Rating
2024-07-31 14:45:35 UTC - HELPFUL
Rated by Participant: B4EBBE30E522EA49AB5DFF5BDDFD8E3DF66C7357C5936B8812B45F1D4F78AD19
Participant Details
Original Note:
Storing plaintext passwords is insecure. Always hash passwords using bcrypt, Argon2, or PBKDF2 at least. Example: ```python import bcrypt hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()) bcrypt.checkpw(password.encode('utf-8'), hashed) ``` https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html https://pages.nist.gov/800-63-3/sp800-63b.html#sec5
All Note Details