How securely do they store user passwords & how good are they at letting us know?
@PasswordStorage • Rating guide
All sites
Full algorithm: AES(bcrypt(password))
AES(bcrypt(password))
Disclosures:
A slow hashing function is used but such info is "invisible", hidden in a blog post or a talk, or on social media.
Recommended change: Publish storage and hashing info details visibly (e.g. in the docs or FAQ), then let me know.