I need to be FIPS (NIST) and ANSSI (French Security Agency) compliant for a Rails application.
Currently we use has_secure_password with bcrypt to hash and store passwords. But bcrypt is not FIPS or ANSSI compliant because the resulting hash is too small (184 bits).
I would like to implement an option in ActiveModel::SecurePassword to use PBKDF2 with a FIPS-180 hash like SHA256 or SHA512.
Does that make sense for a PR?
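
The scheme proposed above, as an added example that is not part of the original post or of Rails: PBKDF2-HMAC with SHA-256 or SHA-512 through Ruby's OpenSSL::KDF, stored as a self-describing record so the digest and iteration count can be changed later. The module name `Pbkdf2Password`, the record format, the salt size and the default iteration count are assumptions.

```ruby
require "openssl"
require "securerandom"

# Hypothetical helper; not part of Rails or ActiveModel::SecurePassword.
module Pbkdf2Password
  DIGESTS = { "sha256" => 32, "sha512" => 64 }.freeze # digest => output bytes
  DEFAULT_ITERATIONS = 600_000 # assumed work factor; set it from your own policy
  SALT_BYTES = 16
  HEX = /\A(?:\h\h)+\z/

  module_function

  # Returns "pbkdf2-<digest>$<iterations>$<salt hex>$<hash hex>".
  def create(password, digest: "sha256", iterations: DEFAULT_ITERATIONS)
    length = DIGESTS.fetch(digest) { raise ArgumentError, "unsupported digest" }
    salt = SecureRandom.random_bytes(SALT_BYTES)
    hash = derive(password, salt, iterations, length, digest)
    ["pbkdf2-#{digest}", iterations, salt.unpack1("H*"), hash.unpack1("H*")].join("$")
  end

  # Recomputes the hash from the stored parameters; false for a wrong
  # password or a malformed record.
  def verify(password, encoded)
    parts = encoded.to_s.split("$", -1)
    return false unless parts.size == 4
    scheme, iterations, salt_hex, hash_hex = parts
    digest = scheme.delete_prefix("pbkdf2-")
    return false unless scheme.start_with?("pbkdf2-") && DIGESTS.key?(digest)
    return false unless iterations.match?(/\A[1-9]\d{0,7}\z/)
    return false unless salt_hex.match?(HEX) && hash_hex.match?(HEX)
    expected = [hash_hex].pack("H*")
    return false unless expected.bytesize == DIGESTS[digest]
    actual = derive(password, [salt_hex].pack("H*"), iterations.to_i, expected.bytesize, digest)
    OpenSSL.fixed_length_secure_compare(actual, expected) # constant-time compare
  end

  def derive(password, salt, iterations, length, digest)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                                       length: length, hash: digest)
  end
end
```
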