keycloak-scim/server_admin/topics/threat/password-db-compromised.adoc

5 lines
388 B
Text
Raw Normal View History

2016-05-31 22:00:59 +00:00
=== Password database compromised
{project_name} does not store passwords in raw text but as hashed text, using the PBKDF2 hashing algorithm. {project_name} performs 20,000 hashing iterations, the number of iterations recommended by the security community. This number of hashing iterations can adversely affect performance as PBKDF2 hashing uses a significant amount of CPU resources.