[
https://issues.apache.org/jira/browse/COUCHDB-2725?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14597446#comment-14597446
]
ASF GitHub Bot commented on COUCHDB-2725:
-----------------------------------------
GitHub user rnewson opened a pull request:
https://github.com/apache/couchdb-couch/pull/60
Configurable password scheme
This gives the administrator control over which algorithm is used to
hash passwords and a separate control over whether this happens on
successful authentication or only at password change time.
closes COUCHDB-2725
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/rnewson/couchdb-couch
2725-configurable-password-scheme
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/couchdb-couch/pull/60.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #60
----
commit 5270be18b293623eb7530e409941eab4c76a02f6
Author: Robert Newson <[email protected]>
Date: 2015-06-16T16:17:44Z
Configurable password scheme
This gives the administrator control over which algorithm is used to
hash passwords and a separate control over whether this happens on
successful authentication or only at password change time.
closes COUCHDB-2725
----
> Configurable password scheme
> ----------------------------
>
> Key: COUCHDB-2725
> URL: https://issues.apache.org/jira/browse/COUCHDB-2725
> Project: CouchDB
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Reporter: Robert Newson
>
> Currently, couchdb will upgrade any "simple" password hash (the one pass,
> salted sha1 algorithm) to "pbkdf2" on the next successful authentication, and
> will use the new scheme for new passwords or on password change.
> Make this configurable so that administrators of large sites can roll out the
> upgrade gradually.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
