> > I believe that there are patches/review for making the default password > hash algorithm configurable via login.conf or something similar.. so some > of the work has already been done.. > > > I'd also like to see us to pull in scrypt if cperciva doesn't have any > > objections. It's good to have options. > > Yes, pulling in scrypt and/or argon2 is a great idea... > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." > _______________________________________________ > [email protected] mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[email protected]"
Dag-Erling Smrgrav wrote this message on Thu, May 31, 2018 at 00:38 +0200: > John-Mark Gurney <[email protected]> writes: > > I believe that there are patches/review for making the default password > > hash algorithm configurable via login.conf or something similar... > > You mean like r64918? No, I don't. Sorry, I wasn't specific enough in my comment, but you also dropped the context of that statment: John-Mark Gurney wrote this message on Sun, May 27, 2018 at 16:14 -0700: > Mark Felder wrote this message on Wed, May 23, 2018 at 16:40 -0500: > > In light of this new article[2] I would like to rehash (pun intended) this > > conversation and also mention a bug report[3] we've been sitting on in some > > form for 12 years[4] with usable code that would make working with password > > hashing algorithms easier and the rounds configurable by the admin. > > I'd like to see it set where we set a time, say 50ms or so, and on each > boot, we set the rounds based upon this. (obviously configurable), w/ a > minimum maybe for slower systems... This allows us to autoscale to faster > cpu systems... r64918 does not allow you to set default number of rounds... there is a patch in bugzilla or phabricator that allows you to set this.. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
