> *Rolling your own crypto is already hard enough* Wait, what? Do you role your ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tgma 8 months ago | parent | context | favorite | on: Launch HN: Stack Auth (YC S24) – An Open-Source Au...

> Rolling your own crypto is already hard enough

Wait, what? Do you role your crypto to handle standard auth flows? Is this some machine generated text?

n2d4 8 months ago [–]

You must encrypt and salt passwords and retrieve them without being susceptible to timing attacks. PKCE. 2FA/TOTP as well.

tgma 8 months ago | [–]

Those are traditionally done with existing proven solutions, not "rolling your own crypto" though.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact