Description
Currently, passwords are hashed using a configurable algorithm, salt, and iteration. This is fine, but the standard PBKDF2 is not supported currently, as we use our own algorithm to combine the salt and password and then iterate.
I would like to add support for the PBKDF2 standard, which is used in WPA, WPA2, iOS, Android, and so on. See also:
http://en.wikipedia.org/wiki/PBKDF2
http://tools.ietf.org/html/rfc2898
The implementation of the most common combination, PBKDF2 with HMAC SHA-1, is already included in Java 6, so we would just have to make use of it. Unfortunately, SHA-256 is not supported yet as far as I see.
Issue Links
- is related to OAK-7778 PasswordUtil#isPlainTextPassword doesn't validate PBKDF2 scheme (Closed)