keycloak-scim/server_admin/topics/threat/password-db-compromised.adoc


=== Password database compromised

{{book.project.name}} does not store passwords in raw text.
It stores a hash of them using the PBKDF2 algorithm.  It actually uses
a default of 20,000 hashing iterations!  This is the security community's recommended number of iterations.
This can be a rather large performance hit on your system as PBKDF2, by design, gobbles up a significant amount of CPU.
It is up to you to decide how serious you want to be to protect your password database.
threat 2016-05-31 22:00:59 +00:00
			`=== Password database compromised`

			`{{book.project.name}} does not store passwords in raw text.`
			`It stores a hash of them using the PBKDF2 algorithm. It actually uses`
Typo 2016-09-02 18:49:29 +00:00			`a default of 20,000 hashing iterations! This is the security community's recommended number of iterations.`
threat 2016-05-31 22:00:59 +00:00			`This can be a rather large performance hit on your system as PBKDF2, by design, gobbles up a significant amount of CPU.`
			`It is up to you to decide how serious you want to be to protect your password database.`