
Update README.md to include an example for PBKDF in browser with js-sha256

Open mohsenasm opened this issue 1 year ago • 2 comments

Using the pbkdf2 library in the browser is not very straightforward. Including a simpler yet secure way for the browsers in the readme is good.

mohsenasm avatar Jan 06 '23 10:01 mohsenasm

I think this is out of scope for this readme though, no?

There are so many ways, and sha2-256 is not a great way to create a key from a password. It is subject to rainbow table attacks but also, in your example could yield different keys on computers in different countries, since the password isn’t normalized to a specific form.

Algorithms like pbkdf2 explicitly state which normalized form to use and there are a lot of other nuances that may be missed, which when it comes to deterministic key generation is important.

I’m also a firm believer in key stretching, which is why I usually use scrypt. ;)

ricmoo avatar Jan 06 '23 16:01 ricmoo

There is a pbkdf2 example a couple of lines before, and for that, I thought we could add another example that can be used in the browsers. So, I don't think it's out of scope and I think it can help new users a lot.

I don't think sha256 can be subjected to rainbow table attacks in the presence of a salt. I added the NFKC normalization to address the issue you mentioned. Thanks :)

mohsenasm avatar Jan 06 '23 18:01 mohsenasm