Create a PasswordService to automate user password management techniques
------------------------------------------------------------------------
Key: SHIRO-280
URL: https://issues.apache.org/jira/browse/SHIRO-280
Project: Shiro
Issue Type: New Feature
Components: Cryptography & Hashing
Reporter: Les Hazlewood
While Shiro's hash support is great for both password hashing and general
purpose hashing, when hashing passwords, some common techniques and strategies
are often used to ensure a consistently strong password management experience.
These techniques are currently implemented by the application developer
however, which means that 1) they have to design a secure strategy and 2)
implement it themselves using Shiro's Hash mechanisms.
It'd be much nicer if Shiro provided, say, a PasswordService interface and
implementations that implement what the community feels are best practices that
can be used out-of-the-box so 1) and 2) don't need to be repeated on a per-app
basis.
This is probably related to SHIRO-213 as well.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
