Hello, Does this project https://github.com/sonOfRa/openldap/tree/argon2/contrib/slapd-modules/passwd/argon2 could respond or it is off topic ?
Regards, <signaturebeforequotedtext></signaturebeforequotedtext> Le 08/01/20 00:47, Howard Chu <[email protected]> a écrit : > > Quanah Gibson-Mount wrote: > > > > > > --On Tuesday, January 7, 2020 10:44 AM -0800 rammohan ganapavarapu > > <[email protected]> wrote: > > > >> > >> Does openldap support SHA-256 or SHA-3 schemes? to address the below > >> issues? > > > > There is a module in contrib that is included with most vendor builds that > > allows up to SSHA512. I've long suggested using it. The default of SSHA1 is > > mandated by RFC (which IMHO needs updating at this point). > > Just to note, both SHA2 and SHA3 are designed to be cheap to compute and easy > to implement > in hardware. Neither of these are desirable properties for a password hash. > At this point > we should only be talking about Argon2, which won the password hashing > competition. > > https://github.com/P-H-C/phc-winner-argon2 > > As always - patches welcome. > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > > <signatureafterquotedtext>-- Frederic Poisson </signatureafterquotedtext>
