[Noisebridge-discuss] Access control & Safety, both personal and general space.
jof at thejof.com
Thu Feb 9 00:14:44 UTC 2012
On Wed, Feb 8, 2012 at 3:49 PM, Daniel Pitts <coloraura.com at gmail.com> wrote:
> There isn't much point in encrypting a phone number, the number of bits
> of entropy is so low that a brute-force attack would be *extremely* easy
> to execute.
True! And this is why I suggest using bcrypt. Brute-force generation
of bcrypt hashes for *every* phone number is variably-hard (by tuning
the "cost" of bcrypt).
More information about the Noisebridge-discuss