"there's no way to make repeated attempts more computationally expensive" That's... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		harryh on Feb 17, 2016 \| parent \| context \| favorite \| on: A Message to Our Customers "there's no way to make repeated attempts more computationally expensive" That's not true actually. For example, the industry standard for storing passwords on a server (bcrypt) is specifically designed to slow down password match attempts.

rhaps0dy on Feb 17, 2016 | [–]

It is true. You're confusing making _repeated_ attempts progressively more expensive with making all attempts more expensive to start with

harryh on Feb 17, 2016 | | [–]

Ah yes. You are right, I was confusing those two things. Thanks for the clarification!

nly on Feb 17, 2016 | [–]

Bcrypt isn't an industry standard.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact