Most ldap servers will hash a plain text password to whatever storage scheme you've defined for your password policies so I'm not even sure this is necessary. Also by setting hashed values and not having the directory service hash them it cannot evaluate said password against the password policy to ensure it meets whatever you've defined for length, complexity, etc, so the policies are bypassed.
On 07/31/2013 10:45 AM, [email protected] wrote: > > Hello, > > from the server profile i can choose between crypt, ssha, and the like > but what is missing from what i can see are the new crypt-sha512 which > are designed to resist brute force attacks and are included since PHP > 5.3. Are there any plans to include them to choose from? > > Many Thanks > > Andreas > -- Darin Perusich Email: [email protected] Office: 716-888-3690 The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient of this message, please contact the sender and delete this material from this computer. ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
