[Date Prev][Date Next] [Chronological] [Thread] [Top]

Passwords, Hashing, and Binds

To: "openldap-technical@OpenLDAP.org" <openldap-technical@openldap.org>
Subject: Passwords, Hashing, and Binds
From: Bram Cymet <bcymet@cbnco.com>
Date: Thu, 28 Aug 2014 16:26:40 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

Hi,

I am storing users passwords in a userPassword attribute. When the
passwords are hashed with MD5 I can bind as the user just fine. If I
hash the password with sha-256 I get invalid credentials.

Is there something I have to change in my client?
Is there something I have to change on the server?

Is binding a user with a password stored with sha-256 (or at least
something better then md5) even possible?

Thanks,

-- 
Bram Cymet
Software Developer
Canadian Bank Note Co. Ltd.
613-608-9752

Follow-Ups:
- Re: Passwords, Hashing, and Binds
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Antw: Passwords, Hashing, and Binds
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

Prev by Date: Re: keepalive parameter setting in openldap for consumer doesnot work
Next by Date: Re: Passwords, Hashing, and Binds
Index(es):
- Chronological
- Thread