From c58b478530a93df90d0c612df259d1668cdd3f6b Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 29 Jan 2014 13:56:25 -0600
Subject: update docs re: PBKDF2HMAC iterations

---
 docs/hazmat/primitives/key-derivation-functions.rst | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'docs/hazmat/primitives')

diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
index e652ecbf..bf069faa 100644
--- a/docs/hazmat/primitives/key-derivation-functions.rst
+++ b/docs/hazmat/primitives/key-derivation-functions.rst
@@ -58,7 +58,9 @@ key stretching) so match your needs to their capabilities.
     :param bytes salt: A salt. `NIST SP 800-132`_ recommends 128-bits or
         longer.
     :param int iterations: The number of iterations to perform of the hash
-        function. See OWASP's `Password Storage Cheat Sheet`_ for more
+        function. This can be used to control the length of time the operation
+        takes. Higher numbers help mitigate brute force attacks against derived
+        keys. See OWASP's `Password Storage Cheat Sheet`_ for more
         detailed recommendations if you intend to use this for password storage.
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`
-- 
cgit v1.2.3