[ https://issues.apache.org/jira/browse/OFBIZ-8537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15721921#comment-15721921 ]
Jacques Le Roux commented on OFBIZ-8537: ---------------------------------------- Also this is interesting https://cryptosense.com/parameter-choice-for-pbkdf2/ That's why I suggest we use PBKDF2 rather than the old SHA-1 > LoginWorker HashCrypt the type of hash for one-way encryption > ------------------------------------------------------------- > > Key: OFBIZ-8537 > URL: https://issues.apache.org/jira/browse/OFBIZ-8537 > Project: OFBiz > Issue Type: New Feature > Components: framework > Affects Versions: Trunk > Reporter: wangjunyuan > Assignee: Shi Jinghai > Priority: Minor > Labels: HashCrypt, PBKDF2, security.properties > Attachments: HashCrypt.patch > > > PBKDF2 (Password-Based Key Derivation Function 2) is part of RSA > Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically > PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. > It replaces an earlier key derivation function, PBKDF1, which could only > produce derived keys up to 160 bits long.Add this function to ofbiz ,this > PBKDF2 has four types in > Javaļ¼'PBKDF2WithHmacSHA1','PBKDF2WithHmacSHA256','PBKDF2WithHmacSHA384','PBKDF2WithHmacSHA512' -- This message was sent by Atlassian JIRA (v6.3.4#6332)