Passwords Bcrypt Or Argon2
User passwords MUST be hashed with bcrypt (cost factor ≥ 12), Argon2id (memory ≥ 64 MiB, iterations ≥ 3, parallelism ≥ 1), or scrypt (N ≥ 2^17, r = 8, p = 1). Never store plain-text passwords.…
$ prime install @community/rule-passwords-bcrypt-or-argon2
Projection
Always in _index.xml · the agent never has to ask for this.
PasswordsBcryptOrArgon2 [rule] v1.0.0
User passwords MUST be hashed with bcrypt (cost factor ≥ 12), Argon2id (memory ≥ 64 MiB, iterations ≥ 3, parallelism ≥ 1), or scrypt (N ≥ 2^17, r = 8, p = 1). Never store plain-text passwords. Never use MD5, SHA-1, SHA-256, or any general-purpose hash function directly — those are not password hash functions.
Loaded when retrieval picks the atom as adjacent / supporting.
PasswordsBcryptOrArgon2 [rule] v1.0.0
User passwords MUST be hashed with bcrypt (cost factor ≥ 12), Argon2id (memory ≥ 64 MiB, iterations ≥ 3, parallelism ≥ 1), or scrypt (N ≥ 2^17, r = 8, p = 1). Never store plain-text passwords. Never use MD5, SHA-1, SHA-256, or any general-purpose hash function directly — those are not password hash functions.
Applies To
- Any user authentication system storing a password verifier
- API key storage (generate random key, store bcrypt hash, never store plaintext)
- Legacy scheme migration (detect old hash scheme on login, re-hash with Argon2id transparently)
- Service account credentials stored in a secrets manager that also needs a verifier
Counter Examples
- Adobe 2013: 153M passwords stored as reversible 3DES-ECB — not hashed at all; all passwords recoverable by anyone with the key (found in the same dump).
- LinkedIn 2012: 117M passwords stored as unsalted SHA-1 — rainbow tables cracked ~90% of the dump within 72 hours of public release.
- md5(password + username) — adding a username as salt does not make MD5 safe; still GPU-crackable at billions of attempts/second.
Loaded when retrieval picks the atom as a focal / direct hit.
PasswordsBcryptOrArgon2 [rule] v1.0.0
User passwords MUST be hashed with bcrypt (cost factor ≥ 12), Argon2id (memory ≥ 64 MiB, iterations ≥ 3, parallelism ≥ 1), or scrypt (N ≥ 2^17, r = 8, p = 1). Never store plain-text passwords. Never use MD5, SHA-1, SHA-256, or any general-purpose hash function directly — those are not password hash functions.
Applies To
- Any user authentication system storing a password verifier
- API key storage (generate random key, store bcrypt hash, never store plaintext)
- Legacy scheme migration (detect old hash scheme on login, re-hash with Argon2id transparently)
- Service account credentials stored in a secrets manager that also needs a verifier
Counter Examples
- Adobe 2013: 153M passwords stored as reversible 3DES-ECB — not hashed at all; all passwords recoverable by anyone with the key (found in the same dump).
- LinkedIn 2012: 117M passwords stored as unsalted SHA-1 — rainbow tables cracked ~90% of the dump within 72 hours of public release.
- md5(password + username) — adding a username as salt does not make MD5 safe; still GPU-crackable at billions of attempts/second.
Examples
- Node.js: const hash = await bcrypt.hash(password, 12) — cost 12 takes ~250ms on modern hardware; verification: await bcrypt.compare(candidate, hash).
- Python: from argon2 import PasswordHasher; ph = PasswordHasher(time_cost=3, memory_cost=65536, parallelism=1); ph.hash(password) — argon2-cffi library, OWASP recommended parameters.
- PHP: password_hash($password, PASSWORD_ARGON2ID, ['memory_cost' => 65536, 'time_cost' => 3, 'threads' => 1]) — PHP 7.3+ built-in.
- Rust: let params = Params::new(65536, 3, 1, None)?; Argon2::new(Algorithm::Argon2id, Version::V0x13, params).hash_password(pw.as_bytes(), &salt)? — argon2 crate.
- Django: default hasher upgraded to Argon2 via pip install django[argon2] + PASSWORD_HASHERS = ['django.contrib.auth.hashers.Argon2PasswordHasher', ...].
Rationale
Plain-text passwords leak immediately in any database dump. General-purpose hashes (MD5, SHA-256) are designed to be fast — modern GPUs achieve 100 billion SHA-256 hashes/second, enabling full dictionary + rule attacks in minutes. Bcrypt/Argon2id/scrypt are deliberately slow and memory-hard, costing 0.3–1 second per attempt even on specialized hardware, making brute force economically unviable.
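The legacy-migration item under Applies To (detect the old scheme on login, re-hash transparently) and the scrypt parameter floor in the rule are shown together in the following added example. It is written for this page and is not one of the rule's own examples nor code from any project. It uses the standard library's hashlib.scrypt at the rule floor (N = 2^17, r = 8, p = 1) because bcrypt and Argon2id need third-party packages; the $scrypt$ln=...$salt$hash verifier layout, the needs_rehash/login helper names, the sample user table and passwords, and the unsalted SHA-1 legacy scheme standing in for a LinkedIn-style store are all constructed for the example.

```python
import base64
import hashlib
import hmac
import os

# Rule floor for scrypt: N >= 2^17, r = 8, p = 1. hashlib.scrypt is in the
# standard library, so this runs without extra packages.
SCRYPT_N = 2 ** 17
SCRYPT_R = 8
SCRYPT_P = 1
SCRYPT_DKLEN = 32
# hashlib.scrypt refuses to run above a memory cap (32 MiB by default); these
# parameters need about 128 * r * N = 134 MB, so the cap is raised explicitly.
SCRYPT_MAXMEM = 256 * 1024 * 1024


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.b64decode(text + "=" * (-len(text) % 4))


def hash_password(password: str, *, n: int = SCRYPT_N, r: int = SCRYPT_R, p: int = SCRYPT_P) -> str:
    """Return a self-describing verifier: $scrypt$ln=17,r=8,p=1$<salt>$<hash>.

    The layout is this example's own choice (modelled on the PHC string format);
    encoding the parameters lets needs_rehash() spot verifiers below the floor.
    """
    salt = os.urandom(16)  # fresh random salt per password
    dk = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                        maxmem=SCRYPT_MAXMEM, dklen=SCRYPT_DKLEN)
    return f"$scrypt$ln={n.bit_length() - 1},r={r},p={p}${_b64(salt)}${_b64(dk)}"


def _parse_scrypt(verifier: str):
    _, _scheme, params, salt, dk = verifier.split("$")
    kv = dict(item.split("=") for item in params.split(","))
    return 2 ** int(kv["ln"]), int(kv["r"]), int(kv["p"]), _unb64(salt), _unb64(dk)


def verify_scrypt(password: str, verifier: str) -> bool:
    n, r, p, salt, expected = _parse_scrypt(verifier)
    dk = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                        maxmem=SCRYPT_MAXMEM, dklen=len(expected))
    return hmac.compare_digest(dk, expected)  # constant-time comparison


def legacy_sha1_hex(password: str) -> str:
    """Unsalted SHA-1, the LinkedIn-era scheme. Present only so the constructed
    fixture and the migration path can be exercised; never for new verifiers."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def needs_rehash(verifier: str) -> bool:
    """True for any legacy scheme, or an scrypt verifier below the rule's parameters."""
    if not verifier.startswith("$scrypt$"):
        return True
    n, r, p, _, _ = _parse_scrypt(verifier)
    return n < SCRYPT_N or (r, p) != (SCRYPT_R, SCRYPT_P)


def verify_password(password: str, verifier: str) -> bool:
    """Dispatch on the stored verifier's format so old and new schemes can coexist."""
    if verifier.startswith("$scrypt$"):
        return verify_scrypt(password, verifier)
    if len(verifier) == 40 and all(c in "0123456789abcdef" for c in verifier.lower()):
        return hmac.compare_digest(legacy_sha1_hex(password), verifier.lower())
    return False  # unknown format: fail closed


def login(users: dict, username: str, password: str) -> bool:
    """Authenticate, then transparently upgrade a legacy or weak verifier.

    Login is the only moment the server holds the plaintext, so it is the only
    moment a re-hash is possible; a failed attempt never touches the store.
    """
    verifier = users.get(username)
    if verifier is None or not verify_password(password, verifier):
        return False
    if needs_rehash(verifier):
        users[username] = hash_password(password)
    return True


def demo_store() -> dict:
    """Constructed sample user table: alice already migrated, bob still on unsalted SHA-1."""
    return {
        "alice": hash_password("correct horse battery staple"),
        "bob": legacy_sha1_hex("hunter2"),
    }


if __name__ == "__main__":
    users = demo_store()
    print("bob needs rehash before login:", needs_rehash(users["bob"]))
    print("bob login:", login(users, "bob", "hunter2"))
    print("bob verifier now:", users["bob"][:28], "...")
    print("bob needs rehash after login:", needs_rehash(users["bob"]))
```

Two points worth noting. First, the migration is driven by the stored verifier's own format, so the SHA-1 branch can be deleted once a report over the user table shows no 40-hex-character verifiers remain. Second, the early return for an unknown username is faster than a wrong-password path that runs scrypt; production code that cares about username enumeration usually hashes against a dummy verifier in that branch so both failures take the same time.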
Source
prime-system/examples/frontend-design/primes/compiled/@community/rule-passwords-bcrypt-or-argon2/atom.yaml