From 2a531bb51948e9a7b79c1fe27089ef39d13d1fc7 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 8 May 2014 14:30:15 -0700 Subject: [PATCH] Recommend `sodium_mlock()`/`sodium_munlock()` over `sodium_memzero()`. --- README.markdown | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index d7513a18..d434883c 100644 --- a/README.markdown +++ b/README.markdown @@ -327,8 +327,9 @@ results in the stored hash value included in `str` when using the same parameters. `0` is returned if the passwords are matching, `-1` is they are not. -The plaintext password should be immediately zeroed out from memory -after this function returns, using `sodium_memzero()`. +The plaintext password should be locked in memory using +`sodium_mlock()` and immediately zeroed out and unlocked after this +function returns, using `sodium_munlock()`. ## Constants available as functions