syncope-dev mailing list archives

From Francesco Chicchiriccò <ilgro...@apache.org>
Subject Re: [DISCUSS] - Change default password algorithm for 2.1.0
Date Fri, 14 Jul 2017 09:41:51 GMT
On 14/07/2017 11:40, Colm O hEigeartaigh wrote:
> I guess SHA-256 would be a straightforward replacement. Maybe we should
> instead move to a salted hash though?

Well, just set your preference among

https://github.com/apache/syncope/blob/master/common/lib/src/main/java/org/apache/syncope/common/lib/types/CipherAlgorithm.java

:-)

Regards.

> On Fri, Jul 14, 2017 at 9:52 AM, Francesco Chicchiriccò <ilgrosso@apache.org> wrote:
>
>> On 14/07/2017 10:48, Colm O hEigeartaigh wrote:
>>
>>> Should we change the default password algorithm from SHA1 for 2.1.0? It's
>>> probably time to migrate from SHA1 IMO.
>>>
>> Makes sense.
>> The only problem I could see is when pulling hashed password values from
>> LDAP, where SHA1 is still quite common. Not a big deal, anyway.
>>
>> Which algorithm do you propose?
>>
>> Regards.

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

