[RAVE-410] Use bcrypt for password hashing - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.8-INCUBATING
Component/s: None
Labels:
None

Description

Current password hashing implementation is pretty much useless against brute force/dictionary attacks.

see:
https://jira.springsource.org/browse/SEC-1472
http://www.win.tue.nl/cccc/sha-1-challenge.html

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

RAVE-410.patch
08/Jan/12 13:57
28 kB
marijan milicevic

Activity

People

Assignee:: Unassigned

Reporter:: marijan milicevic

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 05/Jan/12 19:55

Updated:: 23/Feb/12 14:41

Resolved:: 20/Jan/12 17:42