1 bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
2 project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper for
3 safely handling passwords.
7 An easy way to keep your users' passwords secure.
9 * http://bcrypt-ruby.rubyforge.org/
10 * http://github.com/codahale/bcrypt-ruby/tree/master
12 == Why you should use bcrypt
14 If you store user passwords in the clear, then an attacker who steals a copy of
15 your database has a giant list of emails and passwords. Some of your users will
16 only have one password - for their email account, for their banking account, for
17 your application. A simple hack could escalate into massive identity theft.
19 It's your responsibility as a web developer to make your web application secure
20 - blaming your users for not being security experts is not a professional
23 bcrypt allows you to easily harden your application against these