Monday, July 31, 2017

When best practices should be the only practices

found on Stack Exchange

I know this best practice. I follow it as best I can, but after spending a week trying to figure out a way to use PBKDF2 securely with just ordinary .Net (no  extensions or additional 3rd party libraries) and failing, I'm starting to see why people continue to violate this best practice.