[fossil-users] Password hashing: why doesn't fossil use bcrypt/scrypt?

Wed, 22 Dec 2010 14:06:54 -0800 

Hi.



I was looking at
http://www.fossil-scm.org/index.html/doc/trunk/www/password.wiki and
worried about the case of a compromised repository. Why does Fossil
use SHA1 and not scrypt/bcrypt to store passwords?


thanks in advance (and happy holidays),
lvh
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Reply via email to