libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Change default password hashing intervals

Browse source
This commit is contained in:
Stian Thorgersen 2016-06-02 08:47:07 +02:00
parent e33c69187b
commit cef392e1b2
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
topics/authentication/password-policies.adoc
View file

@ -35,7 +35,7 @@ HashAlgorithm::
on how to plug in your own algorithm. Note that if you do change the algorithm, password hashes will not change in storage until
the next time the user logs in.
HashIterations::
This value specifies the number of times a password will be hashed before it is stored or verified. The default value is 1.
This value specifies the number of times a password will be hashed before it is stored or verified. The default value is 20,000.
This hashing is done in the rare case that a hacker gets access to your password database. Once they have the database
they can reverse engineer user passwords.
The industry recommended value for this parameter changes every year as CPU power improves. The current recommended value