This library provides datatypes and functions for working with passwords and
password hashes in Haskell.
Currently supports the following algorithms:
PBKDF2
bcrypt
scrypt
Argon2
Also, see the password-instances
package for instances for common typeclasses.
Changes
Changelog for password
2.0.1.1
Fixed cross-module links in the haddocks
#19. Thanks to
@TristanCacqueray for fixing this.
2.0.1.0
Switched checking hashes to using Data.ByteArray.constEq, instead of
the default (==) method of ByteString. This is to make it more secure
against timing attacks. #16
Thanks to maralorn (@maralorn) for bringing
this up.
2.0.0.1
Fixed README markdown for hackage.
2.0.0.0
Complete overhaul of the library to include hashing and checking
passwords with not just scrypt, but also PBKDF2, bcrypt and
Argon2.
#8
cryptonite is now used as a dependency, instead of the scrypt package.
#8
Done away with abbreviating “password” (Pass/pass -> Password/password)
#8
Removed unsafeShowPasswordText and changed unsafeShowPassword to be
Password -> Text. (Anyone who needs it to be a String knows where to
find Data.Text.unpack)
#8
GHC versions < 8.2 are no longer actively supported. (Tested to work for GHC 8.2.2)