Thanks for the suggestions.  I think those would be
great to add once J2 matures. Thoughts anyone?
Lester, I added those as new features to JIRA to keep
track of your request.

Regards,

David.

--- Lester Ward <[EMAIL PROTECTED]> wrote:
> Please consider adding a couple of features to the
> security model used for
> J2 that will enhance security significantly,
> particularly against dictionary
> attacks on the database. I can elaborate on these
> points if need be.
> 
> 1) Salted passwords. Protects against batched
> dictionary attacks.
> 
> 2) Variable security. Basically a per user settable
> counter that sets how
> many times a hash function is repeated. Repeating
> the hash does not improve
> security of a given password, but rather
> intentionally slows down the
> password check and, therefore, makes dictionary
> attacks significantly more
> expensive for the attacker. Further, it can be tuned
> per user so that
> passwords of some users take longer to dictionary
> attack than others.
> 
> 3) Password fields at least large enough to hold
> hashed SHA-256.
> 
> 
> Not as important, but a "nice to have":
> 
> 4) Variable algorithm. A per user setting that
> indicates what algorithm is
> used to validate the user. This is useful really
> only to solve one particular
> problem: if you later decide to migrate to a new
> algorithm -- moving from
> MD5 to SHA-256, say -- how do you do so without
> resetting everyone's
> password? For most systems, you cannot just rehash
> the password under the
> new system, because you only have the encrypted
> version and cannot generate
> the plaintext. If, however, you had a setting that
> indicates what algorithm
> was used, you can do a migration gradually. That is,
> next time that user
> logs on (which is validated under the old system),
> you can make him change
> the password, saving the new one under the new
> system. This sounds a bit
> unlikely, I know, but I've had to migrate two
> different systems to a new
> password algorithm and it was not pleasant because
> the systems lacked this
> feature.
> 
> Another benefit of this feature is that if you have
> different clients who
> demand different algorithms, you can support them
> both at once. This tends
> not to be an issue unless you have clients that are
> banks or some other
> institution with an extremely detailed set of
> security requirements.
> 
> Thanks,
> Wordman
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
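As an added example, not code from the thread above or from the J2 project, the following Python sketch puts Lester's three points together: a random per-record salt (point 1), a per-user settable iteration count (point 2), and a self-describing record that names its algorithm so that legacy MD5 records can be verified once and re-hashed under the new scheme at the user's next successful login (point 4). The record layout `alg$iterations$salt_hex$digest_hex`, the function and class names, and the constructed "alice"/"bob" users are all assumptions made for the example. It re-hashes transparently at login rather than forcing a password change, since the plaintext is in hand at that moment.

```python
"""Salted, iterated, self-describing password records with gradual migration.
Added example, not Jetspeed/J2 code.  Record layout (an assumption here):
    <alg>$<iterations>$<salt_hex>$<digest_hex>
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

MODERN_ALGORITHMS = ("sha256", "sha512")
# Kept only to verify records written by an assumed legacy scheme
# (unsalted single MD5); never used to write new records.
LEGACY_ALGORITHM = "md5"


def _digest(alg: str, password: str, salt: bytes, iterations: int) -> bytes:
    """Derive the stored digest for one algorithm tag."""
    pw = password.encode("utf-8")
    if alg == LEGACY_ALGORITHM:
        return hashlib.md5(pw).digest()          # legacy: no salt, one round
    if alg in MODERN_ALGORITHMS:
        # PBKDF2 repeats HMAC `iterations` times.  This does not make a given
        # password stronger; it makes every attacker guess cost more.
        return hashlib.pbkdf2_hmac(alg, pw, salt, iterations)
    raise ValueError(f"unsupported algorithm tag {alg!r}")


def hash_password(password: str, alg: str = "sha256", iterations: int = 200_000) -> str:
    """New record with a random 16-byte salt, so equal passwords differ on disk."""
    if alg not in MODERN_ALGORITHMS:
        raise ValueError("new records must use a salted, iterated algorithm")
    if iterations < 1:
        raise ValueError("iterations must be positive")
    salt = os.urandom(16)
    return f"{alg}${iterations}${salt.hex()}${_digest(alg, password, salt, iterations).hex()}"


def parse_record(record: str):
    alg, iters, salt_hex, digest_hex = record.split("$")
    return alg, int(iters), bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)


def verify_password(password: str, record: str) -> bool:
    """Check a password under whatever algorithm the record itself names."""
    alg, iterations, salt, expected = parse_record(record)
    actual = _digest(alg, password, salt, iterations)
    return hmac.compare_digest(actual, expected)   # constant-time compare


@dataclass
class UserPolicy:
    """Per-user target: required algorithm and minimum iteration count."""
    alg: str = "sha256"
    min_iterations: int = 200_000


def needs_rehash(record: str, policy: UserPolicy) -> bool:
    """True when the stored record is weaker than this user's current policy."""
    alg, iterations, _salt, _digest_bytes = parse_record(record)
    return alg != policy.alg or iterations < policy.min_iterations


def login(users: dict, username: str, password: str, policies: dict) -> bool:
    """Validate under the old scheme, then upgrade the record in place.

    Login is the one moment the plaintext is available, so it is the one
    moment a record can move to a new algorithm without a password reset.
    """
    record = users.get(username)
    if record is None or not verify_password(password, record):
        return False
    policy = policies.get(username, UserPolicy())
    if needs_rehash(record, policy):
        users[username] = hash_password(password, policy.alg, policy.min_iterations)
    return True


def demo() -> dict:
    """Constructed user table: a legacy MD5 user and a salted user with a low count."""
    users = {
        "alice": "md5$1$$" + hashlib.md5(b"correct horse").hexdigest(),  # legacy record
        "bob": hash_password("battery staple", "sha256", 1_000),
    }
    policies = {
        "alice": UserPolicy("sha256", 200_000),
        "bob": UserPolicy("sha512", 400_000),   # higher-value account, costlier guesses
    }
    results = {
        "alice_wrong": login(users, "alice", "wrong", policies),
        "alice_ok": login(users, "alice", "correct horse", policies),
        "bob_ok": login(users, "bob", "battery staple", policies),
    }
    results["alice_record_alg"] = parse_record(users["alice"])[0]
    results["bob_record_iters"] = parse_record(users["bob"])[1]
    return results


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the migration path: alice's first failed attempt leaves the MD5 record untouched, her successful login replaces it with a salted SHA-256 record at 200,000 iterations, and bob's record moves from 1,000 to 400,000 iterations of SHA-512 because his per-user policy asks for more. Because the salt is drawn fresh for every record, two calls to `hash_password` with the same password never produce the same stored value, which is what defeats the batched dictionary attack in point 1.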
