Default password hash
Brett Glass
brett at lariat.org
Fri Jun 8 21:34:16 UTC 2012
One thing to consider -- given the nature of the recent attack on LinkedIn --
is to provide a setting that allows one to increase the size of the "salt."
The main danger, when a file of hashed passwords is stolen (as was the case
with LinkedIn), is that an attacker can use a pre-computed dictionary to
break accounts with weak or commonly used passwords. The larger the "salt,"
the more impractical it becomes to prepare or store such a dictionary.
This can matter more than the strength or computational burden of the
hashing algorithm.
--Brett Glass
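To make the salt argument concrete, here is an added example (my own Python, not code from this thread or from FreeBSD) that classifies master.passwd-style password fields by crypt(3) format and salt length, lists accounts still carrying legacy hashes, and shows that the same password under two random salts yields unrelated digests, so a table precomputed for one salt says nothing about another. The master.passwd lines, hash bodies and all function names are constructed for illustration; `salted_hash` is a toy digest, not crypt(3).

```python
"""Added example: audit master.passwd hash formats and show the effect of salt on
precomputed dictionaries. Not FreeBSD code; the hashes below are constructed placeholders."""
import hashlib
import hmac
import os

# Modular-crypt prefix -> algorithm, as used by crypt(3) and login.conf's passwd_format.
CRYPT_IDS = {"1": "md5", "5": "sha256", "6": "sha512"}

# Constructed master.passwd-style lines (name:password:uid:gid:class:change:expire:gecos:home:shell).
# The hash bodies are fake placeholders, not real digests.
SAMPLE_MASTER_PASSWD = """\
alice:$6$0123456789abcdef$FAKEHASHSHA512:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$1$abcdefgh$FAKEHASHMD5:1002:1002::0:0:Bob:/home/bob:/bin/sh
carol:*:1003:1003::0:0:Carol:/home/carol:/usr/sbin/nologin
dave:$5$rounds=5000$saltsalt$FAKEHASHSHA256:1004:1004::0:0:Dave:/home/dave:/bin/sh
erin:abJnggxhB/yWI:1005:1005::0:0:Erin:/home/erin:/bin/sh
"""


def classify_crypt_field(field):
    """Return (algorithm, salt_chars) for one password field.

    Handles $1$/$5$/$6$ modular-crypt strings (with an optional rounds=N segment),
    13-character traditional DES strings (2-character salt), and disabled fields.
    """
    if field == "" or field.startswith(("*", "!")):
        return ("disabled", 0)
    if field.startswith("$"):
        parts = field.split("$")          # ['', id, [rounds=N,] salt, hash]
        algo = CRYPT_IDS.get(parts[1], "unknown")
        body = parts[2:]
        if body and body[0].startswith("rounds="):
            body = body[1:]
        salt = body[0] if len(body) >= 2 else ""
        return (algo, len(salt))
    if len(field) == 13:
        return ("des", 2)
    return ("unknown", 0)


def audit(master_passwd_text):
    """Map each user name to (algorithm, salt_chars) from master.passwd-style text."""
    result = {}
    for line in master_passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        result[fields[0]] = classify_crypt_field(fields[1])
    return result


def legacy_format_users(master_passwd_text):
    """Users still carrying a DES or MD5 hash. Changing the login.conf default
    does not rewrite these; they persist until the password is next set."""
    return sorted(u for u, (algo, _) in audit(master_passwd_text).items()
                  if algo in ("des", "md5"))


def salted_hash(password, salt):
    """Toy salted digest (SHA-256 over salt || password). Illustration only;
    a real password store uses crypt(3)'s stretched $6$ format, not this."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def new_salt(nbytes=16):
    """Fresh random salt from the OS CSPRNG."""
    return os.urandom(nbytes)


def verify(password, salt, stored):
    """Constant-time comparison of a candidate against a stored toy hash."""
    return hmac.compare_digest(salted_hash(password, salt), stored)


def precomputed_table_entries(wordlist_size, salt_bits):
    """Entries a precomputed dictionary needs to cover every salt value:
    each additional salt bit doubles the table."""
    return wordlist_size * (2 ** salt_bits)


if __name__ == "__main__":
    for user, (algo, salt_len) in audit(SAMPLE_MASTER_PASSWD).items():
        print(f"{user:6} {algo:8} salt={salt_len} chars")
    print("still on legacy formats:", legacy_format_users(SAMPLE_MASTER_PASSWD))
    # The same weak password under two salts gives two unrelated hashes, so a
    # table built against one salt tells an attacker nothing about the other.
    s1, s2 = new_salt(), new_salt()
    print(salted_hash("password1", s1) != salted_hash("password1", s2))
    # A 1e6-word list: 12-bit DES salt versus a 96-bit (16 base64-char) SHA-crypt salt.
    print(precomputed_table_entries(10**6, 12), precomputed_table_entries(10**6, 96))
```

Run against a real master.passwd only on a host you administer; the useful output is the legacy list, which tells you which accounts will keep old-format hashes after the default changes until those users set a new password.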
At 06:51 AM 6/8/2012, Dag-Erling Smørgrav wrote:
>We still have MD5 as our default password hash, even though known-hash
>attacks against MD5 are relatively easy these days. We've supported
>SHA256 and SHA512 for many years now, so how about making SHA512 the
>default instead of MD5, like on most Linux distributions?
>
>Index: etc/login.conf
>===================================================================
>--- etc/login.conf (revision 236616)
>+++ etc/login.conf (working copy)
>@@ -23,7 +23,7 @@
> # AND SEMANTICS'' section of getcap(3) for more escape sequences).
>
> default:\
>- :passwd_format=md5:\
>+ :passwd_format=sha512:\
> :copyright=/etc/COPYRIGHT:\
> :welcome=/etc/motd:\
> :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
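Review bot: the hunk only changes the `default` class template (`:passwd_format=md5:` to `:passwd_format=sha512:`), so it affects passwords set or changed after the change; accounts keep their existing MD5 hashes until the password is next set. Suggest saying so in the commit message or release note, and since the context line points at getcap(3), this is a capability database: administrators who carry the change into a live /etc/login.conf need to regenerate login.conf.db with `cap_mkdb /etc/login.conf` before it takes effect.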
>
>DES
>--
>Dag-Erling Smørgrav - des at des.no