Hi, Howard At Wed, 05 Nov 2014 09:32:43 +0000, Howard Chu wrote: > > Any particular reason you've decreased the iterations from 60000 to 10000? >
It was too slow when stretching 60000 on powerless server. My tiny VM needed over 1sec if iterate 60000 by PBKDF2-SHA512. RFC recommends more than 1000 iterations, it would be safe enough 10000 iterations. FYI: http://security.stackexchange.com/questions/3959/recommended-of-iterations-when-using-pkbdf2-sha256 It is desirable to be able to change the operator, but slapasswd does not read slapd.conf so I was stuck. I'm planning to change slappasswd that accept iteration count in the future. Thank you. -- Open Source Solution Technology Corporation HAMANO Tsukasa <[email protected]> fingerprint = 2285 2111 6D34 3816 3C2E A5B9 16BE D101 6069 BE55
