Feature Proposal: Transparent upgrade of crypt() algorithms
John Baldwin
jhb at freebsd.org
Mon Mar 3 21:37:17 UTC 2014
On Friday, February 28, 2014 4:58:29 pm Eitan Adler wrote:
> On 27 February 2014 20:14, Allan Jude <freebsd at allanjude.com> wrote:
> > With r262501
> > (http://svnweb.freebsd.org/base?view=revision&revision=262501) importing
> > the upgraded bcrypt from OpenBSD and eventually changing the default
> > identifier for bcrypt to $2b$ it reminded me of a feature that is often
> > seen in Forum software and other web apps.
> >
> > Transparent algorithm upgrade.
> ...
>
> I would strongly support this
>
> > I think Nick's point is you do want passwords using the "old" hash to
expire
> are some point if they haven't been auto-converted.
>
> Password expiry is an orthogonal issue and should be up to administrator
policy.
Yes, but if you are moving to a different algorithm to improve security, not
coupling it with an eventual expiration of non-migrated accounts gives a false
sense of security. Any admin worth his/her salt is going to want the option
of enforcing that sort of policy along with the transparent update. They
should really be implemented together is all.
--
John Baldwin
More information about the freebsd-current
mailing list