[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SHA-2 and other hashes

To: Howard Chu <hyc@symas.com>, Norman Gray <gray@nxg.name>, openldap-technical <openldap-technical@openldap.org>
Subject: Re: SHA-2 and other hashes
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Mon, 03 Jun 2019 07:57:36 -0700
Content-disposition: inline
In-reply-to: <83a2ad4e-30b2-948f-53f9-15d73f127c2e@symas.com>
References: <C4EA7171-61EC-4913-BBCD-F29BB9D8546B@nxg.name> <83a2ad4e-30b2-948f-53f9-15d73f127c2e@symas.com>

--On Monday, June 03, 2019 4:07 PM +0100 Howard Chu <hyc@symas.com> wrote:

SHA-2 in any form is unsuitable for use as a password hash, simply
because it is too easy to compute. At this point the best choice is the
one that won the Password Hashing Competition - Argon2.
https://github.com/P-H-C/phc-winner-argon2

Work on such a module was started<https://www.openldap.org/its/index.cgi/?findid=8575>


Unfortunately, never finished.

--Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- SHA-2 and other hashes
  - From: "Norman Gray" <gray@nxg.name>
- Re: SHA-2 and other hashes
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: SHA-2 and other hashes
Next by Date: Re: Updating slapd configuration programmatically
Index(es):
- Chronological
- Thread