Developer forum

Forum » Feature requests » Password hashing algorithm

Password hashing algorithm

Peter Leleulya
Peter Leleulya
Reply

Hi guys,

For your all new and improved DW10, are there plans to upgrade your hashing algorithm?
Currently the SHA512 is available, which is actually more meant for document encrypting than for password encrypting.

We would rather see hashing/password deriving methods like bcript, scrypt or pbkdf2


Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Reply

Yes, we will be looking at adding new options. But I do not think it is related to DW10, but could be DW9 as well. But it would require all users to change password...

Using different salt per user would be more important than updating to a slower hashing algo.

 

You must be logged in to post in the forum