General

Profile

Royce Williams

  • Login: royce
  • Email: royce@tycho.org
  • Registered on: 03/01/2011
  • Last connection: 02/14/2024

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 3 1 4

Activity

11/30/2022

01:54 PM pfSense Bug #13713 (New): intermittent display of CPU Current / Max speed in System Information dashboard panel
A cosmetic / UX issue.
Issue:
When CPU powerd / scaling is enabled, the "Current: X MHz, Max: Y MHz" text is di...
Royce Williams

06/06/2022

01:06 PM pfSense Bug #13252 (New): reduce frequency of php-fpm socket connection attempts from check_reload_status
When troubleshooting an issue, I discovered that my system logs were rotating every couple of minutes, due to many of... Royce Williams

02/24/2022

10:35 AM pfSense Bug #12800: Suboptimal Password Hashing
In #12863, I propose a (surprisingly simple) solution that dramatically increases the strength of the sha512crypt has... Royce Williams
10:30 AM pfSense Feature #12863: dynamically tune sha512crypt rounds
Jim Pingle wrote in #note-2:
> Dynamic tuning sounds like more trouble than it's worth, IMO. We'd have to test and ca...
Royce Williams
12:37 AM pfSense Feature #12863: dynamically tune sha512crypt rounds
> and to match the sha512crypt
*match the salts in the various sha512crypt @mkpasswd@ implementations.
Royce Williams
12:16 AM pfSense Feature #12863 (New): dynamically tune sha512crypt rounds
As touched on in #12800 and #12855, sha512crypt's default number of rounds (5000) can be cracked relatively quickly b... Royce Williams

02/22/2022

02:05 PM pfSense Feature #12855: GUI option to select the user password hashing algorithm
Jim Pingle wrote:
> Though we could offer a higher number of rounds with SHA512, the number of rounds must be identi...
Royce Williams
01:52 PM pfSense Bug #12800: Suboptimal Password Hashing
Sounds like a solid way forward - much appreciated!
I do want to point out that whether or not something is dire, vs...
Royce Williams

02/19/2022

12:07 PM pfSense Bug #12800: Suboptimal Password Hashing
If this change is for potential compliance purposes, such as FIPS, a good compromise might be:
* Expose a UI eleme...
Royce Williams

02/15/2022

05:15 PM pfSense Bug #12800: Suboptimal Password Hashing
Steve's benchmark information is more representative of real-world attack than the earlier examples, because GPU atta... Royce Williams

Also available in: Atom