HN Reader

Ask HN: What is the latest on treatment of Metastatic Breast Cancer?

12 points by hazrmard 2h ago 2 comments

Ask HN: What cool skill or project interests you, but feels out of reach?

58 points by akktor 1d ago 117 comments

Tell HN: Help restore the tax deduction for software dev in the US (Section 174)

2364 points by dang 1d ago 879 comments

Ask HN: Any Way to Sidestep Stripe's "alternate currency payout fee"

4 points by SilentDonor 4h ago 0 comments

How to get started with writing tech video essays

87 points by sonderotis 5d ago 25 comments

Ask HN: Would You Use a Declarative Back End (APIs, DB, Auth, Sync)?

3 points by Imazadi 8h ago 0 comments

Ask HN: How to learn CUDA to professional level

236 points by upmind 2d ago 78 comments

Ask HN: Startup getting spammed with PayPal disputes, what should we do?

290 points by june3739 7d ago 183 comments

Ask HN: Does Google train on Google Docs?

6 points by puttycat 17h ago 6 comments

Ask HN: In 15 years, what will a gas station visit look like?

53 points by thomassmith65 2d ago 156 comments

Data manipulation using natural language prompts

4 points by brockmeier 18h ago 4 comments

Rust password hashing functions: Argon2, scrypt, PBKDF2

2 points by jph 20h ago 1 comments

Heroku Outage from AWS CloudFront Issue?

5 points by raasdnil 21h ago 0 comments

Building an Audit Readiness Platform for Startups โ€“ Would Love Your Feedback

6 points by dillonatkinson5 1d ago 0 comments

Ask HN: Has anybody built search on top of Anna's Archive?

289 points by neonate 7d ago 146 comments

Control PC games with body movements using webcam andPython+ MediaPipe

5 points by TSkavinskyy 1d ago 2 comments

Ask HN: Any good tools for viewing congressional bills?

109 points by tlhunter 4d ago 40 comments

Ask HN: What API or software are people using for transcription?

54 points by indigodaddy 1d ago 61 comments

List of Countries Without a Value-Added Tax

11 points by nabla9 22h ago 12 comments

Ask HN: Do founders get honest feedback on their pitch decks?

3 points by johnzakkam 1d ago 8 comments

Ask HN: What Happened to the Apple Vision Pro?

16 points by pera 2d ago 31 comments

Ask HN: What's your open source stack?

27 points by 3D39739091 3d ago 14 comments

Ask HN: What are some of the best books to learn signal processing?

3 points by optbuild 14h ago 1 comments

Ask HN: Is there any demand for Personal CV/Resume website?

8 points by usercvapp 2d ago 19 comments

Ask HN: Options for One-Handed Typing

94 points by Townley 7d ago 94 comments

Ask HN: How do you integrate AI assistants into your note taking?

4 points by andruby 1d ago 3 comments

Best place for small remote gigs?

18 points by xucian 3d ago 24 comments

Bill Atkinson has passed away

27 points by hyperhello 3d ago 6 comments

Ask HN: I'm considering open-sourcing my UI library โ€“ how to generate income?

5 points by mrholek 22h ago 2 comments

Ask HN: Anyone else feeling increasingly alienated from the industry?

38 points by saubeidl 4d ago 33 comments

Ask HN: What would you work on if you couldn't fail?

13 points by rblion 4d ago 21 comments

Ask HN: Share you personal favorite productivity tools, workflows or setup

5 points by yashness 1d ago 5 comments

Ask HN: How long do you ever leave your server running without updates?

5 points by bagol 2d ago 5 comments

Heroku login down for 7 hours

6 points by buf 15h ago 6 comments

Ask HN: What Does Your Self-Hosted LLM Stack Look Like in 2025?

20 points by anditherobot 6d ago 7 comments

Ask HN: Running AI agents in isolated environments

8 points by polycaster 5d ago 1 comments

What is a modern successor to HyperCard?

11 points by WillAdams 2d ago 9 comments

When Profit Overshadows Community: A Look at Golang Conferences

5 points by gophercon 3d ago 1 comments

Get Your Dev Tool Mentioned by ChatGPT, Gemini Not Just Ranked on Google

8 points by vinodvarma24 4d ago 6 comments

Ask HN: Wrongly banned from Facebook Marketplace โ€“ can anyone help at all?:/

2 points by HAL9OOO 17h ago 4 comments

Ask HN: Share real complaints about outsourcing data annotation

4 points by yogoism 2d ago 3 comments

Ask HN: Is anyone still programming the old-fashioned way (without LLMs)?

36 points by philbo 1d ago 44 comments

Reaching my first 100 users without money or audience (at 10K users now)

35 points by felixheikka 7d ago 11 comments

Ask HN: What do you put in claude.md and what you leave out?

8 points by bognition 5d ago 2 comments

Ask HN: Best practices for building front ends with AI assistance?

3 points by sukit 3d ago 8 comments

Rust password hashing functions: Argon2, scrypt, PBKDF2

2 jph 1 6/10/2025, 11:33:54 AM
I'm evaluating Rust password hashing functions, specifically Argon2, scrypt, PBKDF2. I'm using the RustCrypto open source implementations. I have three simple demos in case you want to try these yourself:

* https://github.com/joelparkerhenderson/demo-rust-argon2

* https://github.com/joelparkerhenderson/demo-rust-scrypt

* https://github.com/joelparkerhenderson/demo-rust-pbkdf2

I'm seeking advice please, such as pros and cons. The context is medical software where hashing is on generally modern machines. I'm aware of the OWASP recommendations which seem broadly helpful. Thanks!

Comments (1)

stop50 ยท 17h ago
The first two are good enough, but shouldn't be the only protection. In general salts (adding an per password random string to the raw password) and pepper(addding an random string that is shared across the application) should be added.

Pbkdf2 is quite old and has an attack vector from ASICs and FPGA, but is still quite widespread for applications and protocols.