Home_greyopenFATE - openSUSE feature tracking > #308966
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

Change default passwd hash algorithm to sha512

Feature state

openSUSE-11.3
Rejected Information

Description

Change the default hashing algorithm that gets used by passwd and friends to something more secure than md5 in /etc/default/passwd (preferable sha512). 
Also please do this ASAP since we are early enough in the development cycle so any unexpected side effects get discovered and fixed before release.

User benefit:

The reason behind this change is that nowadays md5 simply isn't secure anymore.

Discussion


icons/user_comment.png S. K. wrote: (8 years ago)

I'm not sure you understand where the md5 is used. md5 is simply the fallback for external services and I'm not sure you can guarantee all external password directories support sha512

icons/user_comment.png J. E. wrote: (8 years ago)

The current default is Blowfish, and that is rather incompatible to other Linux distros, given that upstream Glibc does not have BF, but it does have SHA.

Last change: 8 years ago
Voting
Score: 2
  • Negative: 0
  • Neutral: 0
  • Positive: 2
Tags
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint