19Şub
Weak password hash + strong rate limiter = secure?
I have a microservice which sole purpose is to serve as a cache for other microservices. The point of the cache is to speed up processing, but the strong password hash algo counter that purpose. (Company policy require all service to be secure even internal ones)
I am considering to deliberately weaken the hash algo to speed up cached lookups, but also add a rate limiter in case someone are able to access the caching service and attempt to brute force access to steal cached info.
Will this solution serve the intended purpose or would it introduce a security vulnerability?
