Post Syndicated from original https://lwn.net/Articles/933119/

Niels Provos reflects
on 25 years of experience with Bcrypt and ponders the future of password
security in a ;login article.

Bcrypt’s endurance can be attributed to several other factors
beyond our intentional algorithm design. Its wide availability in
open-source implementations has facilitated widespread adoption and
integration into various systems. According to Wikipedia, there are
implementations of bcrypt in C, C++, C#, Embarcadero Delphi,
Elixir, Go, Java, JavaScript, Perl, PHP, Python, and
Ruby. Moreover, bcrypt’s focus on computational cost scaling makes
it an attractive choice for large Internet services compared to
newer algorithms like Argon2, which also scale in memory
consumption.