O'Reilly logo
  • Roman Borysenok thinks this is interesting:

For encryption at rest, unless you have a very good reason for picking something else, pick a well-known implementation of AES-128 or AES-256 for your platform.3 Both the Java and .NET runtimes include implementations of AES that are highly likely to be well tested (and well patched), but separate libraries exist for most platforms too—for example, the Bouncy Castle libraries for Java and C#. For passwords, you should consider using a technique called salted password hashing.

From

Cover of Building Microservices

Note

Encryption and passwords