Balloon Hashing: A Function Providing Protection Against Sequential Attacks [pdf]

&gt; <i>The staggering number of password files breaches in recent months demonstrates the importance of cryptographic protection for stored passwords.</i><p>Rather, they demonstrate the importance of not re-using a password for multiple sites.<p>The value of a password is under the user&#x27;s control. A password which controls access to a user&#x27;s account on a site which has been compromised (only to that account and nothing else) has very low value, even compared to other pieces of personal information (which are usually stored plain text, and likely included in the breach).

Balloon is neat, and has a good pedigree. But: all the password hashes are fine, including the ones that aren&#x27;t space-hard. If you&#x27;re undecided, throw a dart, or pick the one with the simplest library for your platform.<p>Where you get into trouble is when you try to roll your own password hash with a crypto hash and a &quot;salt&quot;.

This would also be useful for making better bitcoin systems, ones which are resilient to current asics.