couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Security_Features_Overview" by lancecarlson
Date Tue, 10 Dec 2013 22:21:38 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by lancecarlson:
https://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=41&rev2=42

  }}}
  NOTE: If you have openssl 1.0.0e or newer, the $SALT value includes a '(stdin)=' prefix.
You should remove it and calculate password_sha with just the hex part.
  
+ Node JS
+ 
+ {{{
+ var crypto = require('crypto');
+ var password = 'coolbeans';
+ var salt = crypto.randomBytes(16).toString('hex');
+ var hash = crypto.createHash('sha1');
+ hash.update(password + salt);
+ var password_sha = hash.digest('hex');
+ }}}
+ 
  === pbkdf2 (v1.3.0 or newer) ===
  The default password hashing scheme in version 1.3.0 and newer is now [[http://en.wikipedia.org/wiki/PBKDF2|pbkdf2]]
(replacing SHA1). By using a "slower" hash function along with an iterations parameter, dictionary
attacks are now much more difficult to attempt (see issue [[https://issues.apache.org/jira/browse/COUCHDB-1060|COUCHDB-1060:
CouchDB should use a secure password hash method instead of the current one]]). This adds
a few new keys to user documents. Here's a sample user document with username "username" and
password "password":
  {{{

Mime
View raw message