[
https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12838974#action_12838974
]
Bryan Pendleton commented on DERBY-4483:
----------------------------------------
Knut Anders, thanks *very* much for the detailed writeup. It will be very
helpful to people studying your proposal.
> This means that a database may contain passwords that are hashed using
> different algorithms.
Can the Derby administrator or DBA tell that they are in this state? Is there a
way to know
which user/passwords are hashed with which algorithm, during a situation in
which my database has
such a mixture?
> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
> Key: DERBY-4483
> URL: https://issues.apache.org/jira/browse/DERBY-4483
> Project: Derby
> Issue Type: Improvement
> Components: Services
> Affects Versions: 10.5.3.0
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: experiment.diff
>
>
> The BUILTIN authentication scheme protects the passwords by hashing them with
> the SHA-1 algorithm. It would be nice to have way to specify a different
> algorithm so that users can take advantage of new, stronger algorithms
> provided by their JCE provider if so desired.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
