Default password hash, redux
Mark Felder
feld at FreeBSD.org
Wed May 23 21:40:32 UTC 2018
Around 2012[1] we made the brave switch from md5crypt to sha512. Some people were asking for bcrypt to be default, and others were hoping we would see pbkdf2 support. We went with compatible. Additionally, making password hashing more
In light of this new article[2] I would like to rehash (pun intended) this conversation and also mention a bug report[3] we've been sitting on in some form for 12 years[4] with usable code that would make working with password hashing algorithms easier and the rounds configurable by the admin.
I'd also like to see us to pull in scrypt if cperciva doesn't have any objections. It's good to have options.
PS: Why does "compatibility" matter for a default algorithm? Having a default different than Linux or Solaris isn't a bad thing as long as we implement the industry's common hashes which would permit any management tools twiddling the master.passwd manually to still be able to insert the password hashes in a common format...
[1] https://lists.freebsd.org/pipermail/freebsd-security/2012-June/006271.html
[2] https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/
[3] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=182518
[4] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=75934 is the original report about the issue
--
Mark Felder
ports-secteam & portmgr member
feld at FreeBSD.org
More information about the freebsd-security
mailing list