How to store passwords? Hash or KDF?
posted April 2014
I remember a time where people would advise to just hash the password with md5 before storing it into a database.
But hash were never meant for encrypting passwords. As KDF. But KDF seems to be better a fit for that kind of task.
See Ty's blog post "please stop hashing passwords". He makes good points and advise using those following KDFs for the job:
Scrypt is the one used in Litecoin by the way.