[
https://issues.apache.org/jira/browse/SHIRO-280?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Les Hazlewood reassigned SHIRO-280:
-----------------------------------
Assignee: Les Hazlewood
> Create a PasswordService to automate user password management techniques
> ------------------------------------------------------------------------
>
> Key: SHIRO-280
> URL: https://issues.apache.org/jira/browse/SHIRO-280
> Project: Shiro
> Issue Type: New Feature
> Components: Cryptography & Hashing
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
>
> While Shiro's hash support is great for both password hashing and general
> purpose hashing, when hashing passwords, some common techniques and
> strategies are often used to ensure a consistently strong password management
> experience. These techniques are currently implemented by the application
> developer however, which means that 1) they have to design a secure strategy
> and 2) implement it themselves using Shiro's Hash mechanisms.
> It'd be much nicer if Shiro provided, say, a PasswordService interface and
> implementations that implement what the community feels are best practices
> that can be used out-of-the-box so 1) and 2) don't need to be repeated on a
> per-app basis.
> This is probably related to SHIRO-213 as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
