> *Rolling your own crypto is already hard enough* Wait, what? Do you role your ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tgma on Aug 8, 2024 \| parent \| context \| favorite \| on: Launch HN: Stack Auth (YC S24) – An Open-Source Au... > Rolling your own crypto is already hard enough Wait, what? Do you role your crypto to handle standard auth flows? Is this some machine generated text?

n2d4 on Aug 8, 2024 [–]

You must encrypt and salt passwords and retrieve them without being susceptible to timing attacks. PKCE. 2FA/TOTP as well.

tgma on Aug 8, 2024 | [–]

Those are traditionally done with existing proven solutions, not "rolling your own crypto" though.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact