couchdb-commits mailing list archives

From Apache Wiki <>
Subject [Couchdb Wiki] Update of "Security_Features_Overview" by lancecarlson
Date Tue, 10 Dec 2013 22:21:38 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by lancecarlson:

  NOTE: If you have openssl 1.0.0e or newer, the $SALT value includes a '(stdin)=' prefix.
You should remove it and calculate password_sha with just the hex part.
+ Node JS
+ {{{
+ var crypto = require('crypto');
+ var password = 'coolbeans';
+ var salt = crypto.randomBytes(16).toString('hex');
+ var hash = crypto.createHash('sha1');
+ hash.update(password + salt);
+ var password_sha = hash.digest('hex');
+ }}}
  === pbkdf2 (v1.3.0 or newer) ===
  The default password hashing scheme in version 1.3.0 and newer is now [[|pbkdf2]]
(replacing SHA1). By using a "slower" hash function along with an iterations parameter, dictionary
attacks are now much more difficult to attempt (see issue [[|COUCHDB-1060:
CouchDB should use a secure password hash method instead of the current one]]). This adds
a few new keys to user documents. Here's a sample user document with username "username" and
password "password":
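
Review bot: The added Node JS block has no lead-in saying which hashing scheme it implements, and it sits directly above the unchanged "pbkdf2 (v1.3.0 or newer)" section, which states that pbkdf2 replaced SHA1 as the default. The snippet does a single SHA1 pass over `password + salt`, so a reader on 1.3.0 or newer could take it as current guidance. Suggest adding a sentence above `var crypto = require('crypto');` saying that this computes the SHA1-scheme `password_sha` and pointing readers on 1.3.0 or newer to the pbkdf2 section. The bare `Node JS` line should also follow the page's own heading or lead-in style. Since the block stops at `hash.digest('hex')`, add a closing line saying where `salt` and `password_sha` are used.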
