Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-213

Password and hash management

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.2.0
    • None
    • None

    Description

      Sometimes secure hashes are long lived. I usually will hash something but prefix the string to be hashed with a secret password; I will usually add a bit of salt too. Often I will need to change the password to that hash on a periodic basis. Sometimes I find out that a particular hash algorithm is no longer secure and need to change my hash. What do I do with the old hashes? How can I tell them apart from the new ones?

      What I do is store the hashes as tuples which contain enough information my code to figure out what hash to use. All of this applies to encryption as well.

      I'm wondering is if we should provide some kind of manager to manage all this.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. SHIRO-280 Create a PasswordService to automate user password management techniques

          • Major - Major loss of function.
          • Closed

          Activity

            People

              lhazlewood Les Hazlewood
              maguro Alan Cabrera
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: