Kiril
Reputation: 369
Google Identity Platform password hashing algorithm
Is anyone able to confirm what is the hashing algorithm used by the Google Identity Platform to store passwords? There is a considerable argument that a secure KDF like Argon2 be used, however seemingly the documentation does not state how passwords are stored (apologies if I have not found the right place in the docs). The GCP documentation on migrating users from an existing app includes many pre-existing options, some of them rather insecure (e.g. MD5, SHA) which is notably not a Google Identity Problem but rather one of the application where the users are migrating from, yet there seems to be no information what happens after the migration. Thanks a lot in advance!
Upvotes: 2
Views: 527
Answers (0)
Related Questions
- Fundamental difference between Hashing and Encryption algorithms
- Importing PHP crypt MD5 passwords into Google Cloud Identity Platform?
- Is "double hashing" a password less secure than just hashing it once?
- Converting md5 password hashes to PHP 5.5 password_hash()
- Use SHA-512 and salt to hash an MD5 hashed password?
- Does the hash algorithm used for password hashing affect rainbow table generation?