[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SHA-2 and other hashes

To: "Howard Chu" <hyc@symas.com>
Subject: Re: SHA-2 and other hashes
From: "Norman Gray" <gray@nxg.name>
Date: Mon, 03 Jun 2019 15:22:11 +0100
Cc: openldap-technical <openldap-technical@openldap.org>
In-reply-to: <83a2ad4e-30b2-948f-53f9-15d73f127c2e@symas.com>
References: <C4EA7171-61EC-4913-BBCD-F29BB9D8546B@nxg.name> <83a2ad4e-30b2-948f-53f9-15d73f127c2e@symas.com>


Howard, hello.

On 3 Jun 2019, at 15:07, Howard Chu wrote:

SHA-2 in any form is unsuitable for use as a password hash, simplybecause it is too easy to compute.At this point the best choice is the one that won the Password HashingCompetition - Argon2.
https://github.com/P-H-C/phc-winner-argon2


That makes sense -- thanks.

Patches for adding this to OpenLDAP would of course be welcome.

I'm sure. However I fear I'm not going to be able to oblige in theshort term....


Best wishes,

Norman


--
Norman Gray  :  https://nxg.me.uk

References:
- SHA-2 and other hashes
  - From: "Norman Gray" <gray@nxg.name>
- Re: SHA-2 and other hashes
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: SHA-2 and other hashes
Next by Date: Re: SHA-2 and other hashes
Index(es):
- Chronological
- Thread