Default password hash
O. Hartmann
ohartman at zedat.fu-berlin.de
Sat Jun 9 10:11:49 UTC 2012
On 06/09/12 11:28, Dimitry Andric wrote:
> On 2012-06-09 09:43, O. Hartmann wrote:
>> On 06/08/12 14:51, Dag-Erling Smørgrav wrote:
>>> We still have MD5 as our default password hash, even though known-hash
>>> attacks against MD5 are relatively easy these days. We've supported
>>> SHA256 and SHA512 for many years now, so how about making SHA512 the
>>> default instead of MD5, like on most Linux distributions?
> ...
>> The manpage for login.conf also needs an update. I checked this morning
>> and found that thye manpage doesn't even mention hashes apart from des,
>> md5 and blf.
>
> Dag-Erling fixed this just yesterday :)
>
> http://svn.freebsd.org/changeset/base/236751
Great and thank you all ... :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20120609/e1f4e516/signature.pgp
More information about the freebsd-security
mailing list