Conversation

@Prasad-JB
Contributor

This PR improves the Password Storage Cheat Sheet by updating the wording around the scrypt parameters to reduce confusion between CPU cost and memory cost. Specifically, it:

Clarifies the correct description of scrypt’s parameters (N, r, p) to better reflect their roles.

Suggests improved phrasing to accurately represent the trade-offs between CPU and RAM usage.

Fixes minor wording issues for better readability and accuracy in lines 118 and 126 of Password_Storage_Cheat_Sheet.md.

These changes aim to enhance the clarity and precision of the cheat sheet, helping readers better understand password hashing configurations.

@Prasad-JB
Contributor Author

Hello! Just a gentle reminder about this PR — it clarifies scrypt parameters to reduce confusion between CPU and memory cost. Please let me know if you’d like any changes or additional explanations. Thanks for your time!

@jmanico
Member

jmanico commented Aug 13, 2025

This may take time to approve, all password cheatsheet changes must be approved by @Sc00bz first :) Please give him time! :)

- N=2^13 (8 MiB), r=8 (1024 bytes), p=10

These configuration settings provide an equal level of defense. The only difference is a trade off between CPU and RAM usage.
These configuration settings provide a minimal level of defense. The only difference is a trade off between CPU and RAM usage.
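Review bot: The replacement sentence drops "equal", which is the claim the original sentence was making about the listed configurations; "minimal" on its own no longer says that they are interchangeable, which is what the trade-off sentence that follows depends on. Keep both qualities, e.g. "These configuration settings provide a minimal and an equal level of defense. The only difference is a trade-off between CPU and RAM usage." (hyphenating "trade-off" while the line is being touched).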
Member

I would say "a minimal and an equal" since both are true

Contributor Author

Thanks for the suggestion! I can update the phrasing to “a minimal and an equal level of defense” if that works.


Remember that once your password hashing method is selected, it will have to be upgraded in the future, so ensure that upgrading your hashing algorithm is as easy as possible. During the transition period, allow for a mix of old and new hashing algorithms. Using a mix of hashing algorithms is easier if the password hashing algorithm and work factor are stored with the password using a standard format, for example, the [modular PHC string format](https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md).

### International Characters
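Review bot: The deletion of the "Remember that once your password hashing method is selected ..." paragraph and of the "### International Characters" heading is unrelated to the scrypt parameter wording this PR is about. Removing the paragraph loses the guidance on planning for algorithm upgrades, allowing a mix of old and new hashes during the transition, and storing algorithm and work factor with the hash in the PHC string format; removing the heading leaves whatever follows it under the previous section. Restore both lines and keep the PR limited to the scrypt wording changes.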
Collaborator

Why are we removing this?

Contributor Author

Thanks for the feedback. I’ll make sure to keep the guidance about upgrading hashing algorithms and supporting a mix of old and new hashes intact. I’ll also update the phrasing to “a minimal and an equal level of defense” as suggested.

@Prasad-JB
Contributor Author

Prasad-JB commented Sep 29, 2025

Thanks everyone for the reviews. All suggested fixes have been applied.

Comment on lines 11 to 14
- **Use [Argon2id](#argon2id) with a minimum configuration of 19 MiB of memory, an iteration count of 2, and 1 degree of parallelism.**
- **If [Argon2id](#argon2id) is not available, use [scrypt](#scrypt) with a minimum CPU/memory cost parameter of (2^17), a minimum block size of 8 (1024 bytes), and a parallelization parameter of 1.**
- **Use [argon2id](#argon2id) with a minimum configuration of 19 MiB of memory, an iteration count of 2, and 1 degree of parallelism.**
- **If [scrypt](#scrypt) is not available, use [scrypt](#scrypt) with a minimum CPU/memory cost parameter of (2^17), a minimum block size of 8 (1024 bytes), and a parallelization parameter of 1.**
- **For legacy systems using [bcrypt](#bcrypt), use a work factor of 10 or more and with a password limit of 72 bytes.**
- **If FIPS-140 compliance is required, use [PBKDF2](#pbkdf2) with a work factor of 600,000 or more and set with an internal hash function of HMAC-SHA-256.**
- **If FIPS-140 compliance is required, use [pbkdf2](#pbkdf2) with a work factor of 600000 or more and set with an internal hash function of HMAC-SHA-256.**
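Review bot: The new second bullet is self-contradictory: "If [scrypt](#scrypt) is not available, use [scrypt](#scrypt)" replaces "If [Argon2id](#argon2id) is not available, use [scrypt](#scrypt)", so the fallback condition now names the algorithm it is falling back to. Restore "If [Argon2id](#argon2id) is not available, use [scrypt](#scrypt) ...". The other edits in the hunk (lower-casing Argon2id and PBKDF2, dropping the comma in 600,000) are unrelated to the scrypt wording this PR describes and make the bullets harder to read; revert them as well.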
Collaborator

What's the reason for removing capitalization and removing the comma in the number 600,000? It makes it much easier to read IMHO

Contributor Author

Hi @szh, thanks for the feedback. I removed the capitalization and comma in 600,000 to match the style used elsewhere in the cheat sheet for consistency, but I can revert it if you feel readability is more important.

Collaborator

Please do

Contributor Author

Hi @szh, I’ve restored the comma in the PBKDF2 work factor for better readability and pushed the update.

@jmanico jmanico left a comment

The secure product design is part of this PR.... :(

@szh szh closed this Oct 17, 2025

4 participants