milleruntime commented on pull request #1787: URL: https://github.com/apache/accumulo/pull/1787#issuecomment-729917014
> If there is a simple solution which is not harmful, I would err on accepting such a solution (configurable PW Hash algorithm) and letting those with appetite build their elegant solutions on their own time. I think you missed part of what @ctubbsii said, pointing out how that solution would be harmful: > However, if we make it configurable, that would provide a path for eager security-conscious users to break themselves by switching the algorithm. Making it configurable is better but still potentially harmful and incomplete. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
