keycloak-scim/topics/threat/password-db-compromised.adoc
Bill Burke 1dc81011dc threat
2016-05-31 18:00:59 -04:00

9 lines
483 B
Text

=== Password database compromised
{{book.project.name}} does not store passwords in raw text.
It stores a hash of them using the PBKDF2 algorithm. It actually uses
a default of 20,000 hasing iterations! This is the security community's recommended number of iterations.
This can be a rather large performance hit on your system as PBKDF2, by design, gobbles up a significant amount of CPU.
It is up to you to decide how serious you want to be to protect your password database.