@@ -56,6 +56,7 @@ Each part will be explained in the next section.
5656 iterations : 5000
5757
5858 # PBKDF2 encoder
59+ # see the note about PBKDF2 below for details on security and speed
5960 Acme\Your\Class\Name :
6061 algorithm : pbkdf2
6162 hash_algorithm : sha512
@@ -196,17 +197,6 @@ Each part will be explained in the next section.
196197 ROLE_ADMIN : [ROLE_ORGANIZER, ROLE_USER]
197198 ROLE_SUPERADMIN : [ROLE_ADMIN]
198199
199- caution ::
200- PBKDF2 encoder uses the PBKDF2 (Password-Based Key Derivation Function 2).
201-
202- Providing a high level of Cryptographic security,
203- as recommended by the National Institute of Standards and Technology (NIST).
204-
205- But also warrants a warning, using PBKDF2 (with a high number of iterations) slows down the process.
206- PBKDF2 should be used with caution and care.
207-
208- A good configuration lies around at least 1000 iterations and sha512 for the hash algorithm.
209-
210200reference-security-firewall-form-login :
211201
212202Form Login Configuration
@@ -261,3 +251,18 @@ Redirecting after Login
261251* ``default_target_path `` (type: ``string ``, default: ``/ ``)
262252* ``target_path_parameter `` (type: ``string ``, default: ``_target_path ``)
263253* ``use_referer `` (type: ``Boolean ``, default: ``false ``)
254+
255+ Using the PBKDF2 encoder: security and speed
256+ --------------------------------------------
257+
258+ The `PBKDF2 `_ encoder provides a high level of Cryptographic security, as
259+ recommended by the National Institute of Standards and Technology (NIST).
260+
261+ But using PBKDF2 also warrants a warning: using it (with a high number
262+ of iterations) slows down the process. Thus, PBKDF2 should be used with
263+ caution and care.
264+
265+ A good configuration lies around at least 1000 iterations and sha512
266+ for the hash algorithm.
267+
268+ .. _`PBKDF2` : http://en.wikipedia.org/wiki/PBKDF2
0 commit comments