There are some bcrypt, SCrypt, and PBKDF2 initial parameters which were determined to be secure against a default threat model given best known attacks in 2016. These should be re-evaluated for 2018.
- Line 1303
- Line 1311
- Line 1321
- Line 1637
If these values are updated, backward-compatibility for internal uses also needs to be evaluated.