beaker.crypto.pbkdf2 – PKCS#5 v2.0 Password-Based Key Derivation classes¶
PBKDF2 Implementation adapted from django.utils.crypto.
This is used to generate the encryption key for enciphered sessions.
pbkdf2(password, salt, iterations, dklen=0, digest=None)¶
Implements PBKDF2 using the stdlib. This is used in Python 2.7.8+ and 3.4+.
HMAC+SHA256 is used as the default pseudo random function.
As of 2014, 100,000 iterations was the recommended default which took 100ms on a 2.7Ghz Intel i7 with an optimized implementation. This is probably the bare minimum for security given 1000 iterations was recommended in 2001.