Feature #12962 (closed)
Improve default sha512 password hashing rounds
Status: Duplicate
Priority: Normal
Assignee: -
Category: Authentication
Target version: -
% Done: 0%
Release Notes: Default
Description
After this change (https://redmine.pfsense.org/issues/10298), the default encryption for passwords is sha512.
However, by default, sha512 only does 5000 rounds of encryption, which is very weak.
Increase rounds to 800k to provide the same password resilience as bcrypt's default 10 rounds.
See: https://www.reddit.com/r/PFSENSE/comments/ssnp35/260_default_password_hashing_changed_from_bcrypt/
Git commit to fix the issue:
Updated by Phil Wardt over 2 years ago
Here's the commit:
https://github.com/pfsense/pfsense/pull/4563
Updated by Jim Pingle over 2 years ago
- Status changed from New to Duplicate
- Assignee deleted (Jim Pingle)
- Priority changed from Very High to Normal
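
An added example (not part of the original issue or of pfSense's code): a Python check that reads the work factor out of stored crypt(3) hash strings, treating a `$6$` hash with no `rounds=` field as the 5000-round default the description refers to. The 800,000 and cost-10 thresholds are the figures from the issue, and the function names and sample records are constructed for illustration.

```python
import re

SHA512_DEFAULT_ROUNDS = 5000  # applied by crypt(3) when the hash has no rounds= field

# $6$[rounds=N$]salt$digest  and  $2y$cost$salt+digest
_SHA512 = re.compile(r"^\$6\$(?:rounds=(\d+)\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$")
_BCRYPT = re.compile(r"^\$2[abxy]\$(\d{2})\$[./0-9A-Za-z]{53}$")

# Constructed sample records: salts and digests are filler, not real hashes.
SAMPLE = [
    ("admin", "$6$examplesalt$" + "A" * 86),                # implicit default rounds
    ("alice", "$6$rounds=800000$examplesalt$" + "B" * 86),  # explicit rounds
    ("bob", "$2y$10$" + "C" * 53),                          # bcrypt, cost 10
    ("carol", "$2y$08$" + "D" * 53),                        # bcrypt, cost 8
]


def work_factor(hash_string):
    """Return (scheme, value) for a hash string, or None if unrecognised.

    value is the round count for sha512crypt and the cost for bcrypt.
    """
    m = _SHA512.match(hash_string)
    if m:
        rounds = int(m.group(1)) if m.group(1) else SHA512_DEFAULT_ROUNDS
        return ("sha512crypt", rounds)
    m = _BCRYPT.match(hash_string)
    if m:
        return ("bcrypt", int(m.group(1)))
    return None


def audit(entries, min_sha512_rounds=800_000, min_bcrypt_cost=10):
    """Return usernames whose hash is unrecognised or below its scheme's threshold."""
    limits = {"sha512crypt": min_sha512_rounds, "bcrypt": min_bcrypt_cost}
    flagged = []
    for user, hash_string in entries:
        parsed = work_factor(hash_string)
        if parsed is None or parsed[1] < limits[parsed[0]]:
            flagged.append(user)
    return flagged


if __name__ == "__main__":
    for user, hash_string in SAMPLE:
        print(user, work_factor(hash_string))
    print("below threshold:", audit(SAMPLE))
```
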