[
https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12535963
]
Jacques Le Roux commented on OFBIZ-1151:
----------------------------------------
I agree that salting could be a solution for dictionnary attacks. But why not
replace the crypting algorithm by a newer and safer one (RIPEMD-160, SHA-256,
Whirlpool, etc. ) my preference being SHA-256 ? It think it's easier, isn'it ?
> Passwords are not seeded
> ------------------------
>
> Key: OFBIZ-1151
> URL: https://issues.apache.org/jira/browse/OFBIZ-1151
> Project: OFBiz
> Issue Type: Improvement
> Components: party
> Affects Versions: SVN trunk, Release Branch 4.0
> Reporter: Wickersheimer Jeremy
> Assignee: Jacques Le Roux
> Priority: Minor
>
> Password are currently hashed but not seeded which may be a security issue.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
