summaryrefslogtreecommitdiff
path: root/security/ruby-bcrypt/DESCR
diff options
context:
space:
mode:
Diffstat (limited to 'security/ruby-bcrypt/DESCR')
-rw-r--r--security/ruby-bcrypt/DESCR25
1 files changed, 25 insertions, 0 deletions
diff --git a/security/ruby-bcrypt/DESCR b/security/ruby-bcrypt/DESCR
new file mode 100644
index 00000000000..8845fe6c228
--- /dev/null
+++ b/security/ruby-bcrypt/DESCR
@@ -0,0 +1,25 @@
+bcrypt() is a sophisticated and secure hash algorithm designed by The
+OpenBSD project for hashing passwords. bcrypt-ruby provides a simple,
+humane wrapper for safely handling passwords.
+
+= bcrypt-ruby
+
+An easy way to keep your users' passwords secure.
+
+* http://bcrypt-ruby.rubyforge.org/
+* http://github.com/codahale/bcrypt-ruby/tree/master
+
+== Why you should use bcrypt
+
+If you store user passwords in the clear, then an attacker who steals
+a copy of your database has a giant list of emails and passwords. Some
+of your users will only have one password -- for their email account,
+for their banking account, for your application. A simple hack could
+escalate into massive identity theft.
+
+It's your responsibility as a web developer to make your web
+application secure -- blaming your users for not being security
+experts is not a professional response to risk.
+
+bcrypt allows you to easily harden your application against these
+kinds of attacks.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-26 06:03:14 +0000