Added by Renato Botelho almost 10 years ago. Updated almost 9 years ago.
100%
Description
A couple of things to be done to improve pfSense passwd:
- Change hash from MD5 to SHA512 or blowfish
- Start to create a salt to crypt() calls
Updated by Jim Thompson almost 10 years ago
Updated by Chris Buechler almost 10 years ago
Updated by Chris Buechler over 9 years ago
Updated by Chris Buechler over 9 years ago
Updated by Renato Botelho almost 9 years ago
Pull request #2450 has been merged
Updated by Renato Botelho almost 9 years ago
It's working fine AFAIK. I didn't see any problems reported.
Left it in feedback so more people can validate
Updated by Jim Pingle almost 9 years ago
One place was missed (swapping the password for bcrypt-hash in /conf.default/config.xml), I pushed a correction for that. It's working well otherwise. Existing users are OK, when their passwords are changed their hash is converted to bcrypt in the config and in passwd, old hashes are removed, and they can still login to the GUI and over SSH. Looking through the repo I can't find any other trace of the old hash so I think we're set.