= 768" x-on:close-sidebar="sidebar=window.innerWidth >= 768 && true">
val derive_key : Password_hash.difficulty -> Password_hash.password -> Password_hash.salt -> secret_key
derive_key difficulty pw salt derives a key from a human generated password. Since the derivation depends on both
salt, it is necessary to store them alongside the authenticator. Using a constant salt is insecure because it increases the effectiveness of rainbow tables. Generate the salt with a function like
equal_keys a b checks
b for equality in constant time.
module type S = sig ... end