Re: [jdev] plaintext passwords hack

Tomasz Sterna Thu, 17 Dec 2009 05:46:11 -0800

Dnia 2009-12-17, czw o godzinie 14:35 +0100, Simon Josefsson pisze:
> If you don't store the hashed password for SCRAM, you need to burn CPU
> time for every login to derive the SCRAM hash keys.  That doesn't scale
> well.


Why do you say so?

It scales well vertically by CPU upgrade, and horizontally by putting
more machines/CPUs to handle user connections.


_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: jdev-unsubscr...@jabber.org
_______________________________________________

Re: [jdev] plaintext passwords hack

Reply via email to