[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SHA-2 and other hashes
--On Monday, June 03, 2019 4:07 PM +0100 Howard Chu <hyc@symas.com> wrote:
SHA-2 in any form is unsuitable for use as a password hash, simply
because it is too easy to compute. At this point the best choice is the
one that won the Password Hashing Competition - Argon2.
https://github.com/P-H-C/phc-winner-argon2
Work on such a module was started
<https://www.openldap.org/its/index.cgi/?findid=8575>
Unfortunately, never finished.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>