e7363905fa
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2): - Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512 - Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000 - Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000 - Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000 - Adapt PasswordHashingTest to new defaults - The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations. - Document changes in changes document with note on performance and how to keep the old behaviour. - Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly Fixes #16629 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> |
||
---|---|---|
.. | ||
db-allocator-plugin | ||
integration-arquillian | ||
model | ||
utils | ||
pom.xml |