BCrypt Reading
- http://yorickpeterse.com/articles/use-bcrypt-fool/
- http://codahale.com/how-to-safely-store-a-password/
- http://ca.php.net/manual/en/function.crypt.php
- http://stackoverflow.com/questions/4795385/how-do-you-use-bcrypt-for-hashing-passwords-in-php
- http://stackoverflow.com/questions/3552464/how-can-i-vendorize-bcrypt-in-a-php-application-and-should-i
- https://gist.github.com/972386
- https://gist.github.com/1053158/
Wouldn't it be better, if the cost factor would be set to
31
when the user passes something> 31
? When the user passes something greater than 31, it's almost sure by accident, but I think he shouldn't get a weaker password for that.