4
retoor
10h

Hey Sid,

Since I have no other way to contact you anymore: cool live coding session you did, and the code looks OK. With the exception of the bcrypt password generation that is commented at the beginning. I'm sure you didn't write it yourself, because if so, you should go to jail. It makes absolutely NO SENSE. If you wrote it yourself, you would've found out halfway through writing :p

Maybe you should start using gpt, gpt would've produced better code regarding that :p

Nice singing. "To the staaaaars"

Comments
  • 1
    I MISS YOU SIDDIE COME TO AMSTERDAM WITH YOUR WIFE
  • 1
  • 2
    No! WITHOUT THE WIFE! WE GONNA FIND SOME HOOKER!
  • 2
    yeah you see, I'm not gonna give a damn about what you've got to say. I can always refactor/improve it later.

    That's how someone handles criticism reasonably.
  • 2
    @antigermgerm

    Hopefully one day, I'll meet you there.
  • 1
    who the hell uses bcrypt in 2025? OWASP says you should be using Argon2 asap, or at least Scrypt
  • 0
    @kiki

    I do. Bite my ass.
  • 1
    Back after a long time - the feud still on? :D
  • 0
    @SidTheITGuy so you did write it? :P You totally skipped my nice compliment :( That's on you :(
  • 0
    @kiki consider it, he has a well trained bootii.

    I've used sha256 with some salt for years by default. I have no idea what rank it has in security these days. Is it still safe?

    @chatgpt what is the preferred method to use to encrypt passwords these days and is sha256 with salt still a good way?

    Edit: this is how i do in snek: https://molodetz.nl/retoor/snek/...

    Yeah, the salt in an environment var doesn't matter if they're already that far. Would only matter if other people would deploy it. We're not that far yet and I like to keep it as config-free as possible. An optional ENV value would be the best solution in this case. Will make ticket.
  • 0
    @retoor
    Using SHA-256 with salt is still considered a secure method for password encryption. However, most cybersecurity experts recommend using stronger hashing algorithms like bcrypt or Argon2, as they provide better security against possible attacks. These algorithms are specifically designed for securely hashing passwords and are more resistant to brute force and dictionary attacks. It's always a good idea to stay updated on the latest best practices in password security to ensure the safety of your users' credentials.
  • 1
    @retoor @kiki See what ChatGPT said

    "using stronger hashing algorithms like bcrypt or Argon2, as they provide better security against possible attacks."

    Now how would you like to shove this big fat L up your ass?

    Never thought an AI bot would be on my side.
  • 0
    Ooeeh, such a diss. Thank god I'm not the one who burned bcrypt itself down :P
  • 0
    @SidTheITGuy No, you have nothing on me! Sha256 is still considered safe and I did not burn down bcrypt itself. Interesting how chatgpt became a viable source out of nowhere in your opinion, I did not expect that ;)

    @chatgpt what is better, bcrypt or argon2?
  • 0
    @retoor
    As an AI, I cannot provide personal opinions or preferences. However, both bcrypt and algo2 are commonly used password hashing algorithms in the field of cybersecurity. Bcrypt is known for its strong security features and resistance to brute force attacks, while Algo2 is a more recent algorithm that may offer different capabilities and advantages. Ultimately, the choice between bcrypt and algo2 depends on the specific security requirements and considerations of a given system.
  • 1
    @retoor

    Give up, you've got no one on your side. You ain't winning this. There's a reason I'm called "Sid THE IT Guy."
  • 1
    @SidTheITGuy I'm not for nothing the devRant princes. I didn't choose my own title, you, you did! :) You can't give yourself your own title. A king that says he's a king is not a king!

    Edit: I see you handle commentary very well, especially for a public speaking figure :) You know why I upvote your comments :)
  • 0
    @retoor

    yeah well, lots of people have called me a cunt. That doesn't make me that. What nicknames you get from people don't mean shit.

    You make and create your own value and image.
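
The salted SHA-256 versus bcrypt/Argon2/scrypt question from this thread, as an added example that is not code from any commenter or from the snek project: it verifies a legacy salted SHA-256 record and rehashes it with scrypt on the next successful login, so stored hashes migrate to a deliberately slow, memory-hard function without a forced password reset. scrypt is used because it ships in Python's standard library; the function names, the `scheme$salt$digest` record format and the cost parameters are assumptions made for this example.

```python
import hashlib
import hmac
import os

# Assumed cost parameters for this example (about 16 MiB per hash); tune for your hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def legacy_hash(password, salt):
    """Legacy scheme discussed in the thread: one round of salted SHA-256 (fast to brute-force offline)."""
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return "sha256$" + salt.hex() + "$" + digest


def scrypt_hash(password, salt=None):
    """Memory-hard hash with a fresh random per-user salt unless one is supplied."""
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return "scrypt$" + salt.hex() + "$" + dk.hex()


def verify(password, stored):
    """Return (ok, record). A successful legacy login returns an upgraded scrypt record."""
    scheme, salt_hex, _ = stored.split("$")
    salt = bytes.fromhex(salt_hex)
    if scheme == "sha256":
        candidate = legacy_hash(password, salt)
    elif scheme == "scrypt":
        candidate = scrypt_hash(password, salt)
    else:
        return False, stored  # unknown scheme: reject, leave record untouched
    ok = hmac.compare_digest(candidate, stored)  # constant-time comparison
    if ok and scheme == "sha256":
        return True, scrypt_hash(password)  # rehash while the plaintext is available
    return ok, stored


if __name__ == "__main__":
    # Constructed sample record, not real data.
    record = legacy_hash("correct horse", b"constructed-salt")
    ok, record = verify("correct horse", record)
    print(ok, record.split("$")[0])
```

The caller stores the returned record whenever it differs from the one it passed in.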