#3446 password cache: use a better hash algorithm
Closed: cloned-to-github 3 years ago by pbrezina. Opened 6 years ago by ftweedal.

The SSSD password cache currently uses salted, iterated (5000 times) SHA-512. SHA-512 is designed for speed and is not an ideal password hash.

Investigate switching to a modern hash designed for password storage such as argon2 (or scrypt or bcrypt).
Ideally the digest or implementation should be tunable for a particular time cost (e.g. 0.2 seconds) and memory cost.
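To illustrate the tunable time and memory cost requested above, here is an added example that is not part of the original issue and is not SSSD code. It uses scrypt because Python's standard library ships it; `iterated_sha512` is a simplified stand-in for a salted, iterated SHA-512 scheme, and all function names and the record layout are hypothetical.

```python
import hashlib
import hmac
import os
import time

def iterated_sha512(password: bytes, salt: bytes, rounds: int = 5000) -> bytes:
    """Simplified stand-in for a salted, iterated SHA-512 scheme (not SSSD's code)."""
    digest = hashlib.sha512(salt + password).digest()
    for _ in range(rounds - 1):
        digest = hashlib.sha512(digest + salt + password).digest()
    return digest

def scrypt_hash(password: bytes, salt: bytes, n: int, r: int = 8, p: int = 1) -> bytes:
    # scrypt needs roughly 128 * n * r bytes; raise OpenSSL's memory limit to fit.
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=2 * 128 * n * r, dklen=64)

def calibrate_scrypt(target_seconds: float, r: int = 8,
                     min_log2_n: int = 10, max_log2_n: int = 17) -> int:
    """Double N until one hash takes at least target_seconds, or the cap is hit."""
    salt = os.urandom(16)
    for log2_n in range(min_log2_n, max_log2_n + 1):
        n = 1 << log2_n
        start = time.perf_counter()
        scrypt_hash(b"calibration password", salt, n, r)
        if time.perf_counter() - start >= target_seconds:
            break
    return n

def make_record(password: bytes, n: int, r: int = 8, p: int = 1) -> dict:
    """Store the cost parameters with the salt and digest so they can be raised later."""
    salt = os.urandom(16)
    return {"n": n, "r": r, "p": p, "salt": salt,
            "hash": scrypt_hash(password, salt, n, r, p)}

def verify(password: bytes, record: dict) -> bool:
    candidate = scrypt_hash(password, record["salt"], record["n"],
                            record["r"], record["p"])
    return hmac.compare_digest(candidate, record["hash"])  # constant-time compare

if __name__ == "__main__":
    n = calibrate_scrypt(0.2)  # the 0.2 s target mentioned in the issue
    print(f"N = {n}, memory per hash ~ {128 * n * 8 // 2**20} MiB")
    t0 = time.perf_counter()
    iterated_sha512(b"example", os.urandom(16))
    print(f"5000 x SHA-512: {time.perf_counter() - t0:.4f} s, negligible memory")
```

Because the cost parameters are stored in each record, a verifier can re-hash with stronger settings on the next successful login without invalidating existing cache entries.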


This sounds like a fine idea, but nothing we need to implement in a hurry.

It would make for a nice thesis topic perhaps?

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD Future releases (no date set yet)

6 years ago

Metadata Update from @thalman:
- Issue tagged with: Future milestone

4 years ago

Metadata Update from @pbrezina:
- Issue tagged with: Possible thesis

4 years ago

SSSD is moving from Pagure to GitHub. This means that new issues and pull requests
will be accepted only in SSSD's GitHub repository.

This issue has been cloned to GitHub and is available here:
- https://github.com/SSSD/sssd/issues/4473

If you want to receive further updates on the issue, please navigate to the GitHub issue
and click on the subscribe button.

Thank you for understanding. We apologize for any inconvenience.

Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)

3 years ago
