Description
Currently, ApacheDS 1.5.5 authenticates users with passwords stored with following algorithms:
- (plain text)
- SHA
- SSHA
- MD5
- SMD5
- CRYPT
see class org.apache.directory.server.core.authn.SimpleAuthenticator and enum org.apache.directory.shared.ldap.constants.LdapSecurityConstants.
Most of them are considered weak. http://www.schneier.com/essay-074.html
SHA-256 is not directly supported. How about adding it to the list?