Hi,

Ejabberd has supported storing passwords as SCRAM hashes for some time now; Prosody supports this as well [1].

When switching to SCRAM hashes, servers will start offering only SASL SCRAM-SHA1 and SASL Plain. Old authentication schemes are no longer supported because hashes are of course incompatible. Furthermore, you cannot switch back because hashes cannot be converted back to plain passwords (which is the whole point).

Has anyone made the switch? Is there a significant percentage of clients out there that don't support at least either Plain or SCRAM-SHA1? Or is at least Plain widely supported in all clients?

In my own tests I have found that at least my mcabber version segfaults on a test server [2] that has SCRAM enabled.

greetings, Mati

[1] http://prosody.im/doc/plain_or_hashed
[2] Test installation for SCRAM at er.tl, feel free to try it out.

--
twitter: @mathiasertl | xing: Mathias Ertl | email: m...@er.tl
I only read plain-text mail!
I prefer signed/encrypted mail!
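Added example, not part of the original mail and not ejabberd or Prosody code: a sketch of why a server that stores only SCRAM hashes can still serve SASL PLAIN and SCRAM-SHA-1 but nothing that needs the password itself. Function names are hypothetical, the sample values are the example exchange from RFC 5802 section 5, and SASLprep normalisation is omitted (ASCII passwords assumed).

```python
import base64
import hashlib
import hmac

def derive_stored(password, salt, iterations):
    """Return (StoredKey, ServerKey): all the server keeps besides salt and count."""
    # RFC 5802 Hi() is PBKDF2-HMAC-SHA1 with a 20-byte output.
    salted = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", "sha1").digest()
    server_key = hmac.new(salted, b"Server Key", "sha1").digest()
    # Only H(ClientKey) is stored; one-way steps mean the password is not recoverable.
    return hashlib.sha1(client_key).digest(), server_key

def verify_plain(password, salt, iterations, stored_key):
    """SASL PLAIN: the client sends the password, so the server can re-derive."""
    candidate, _ = derive_stored(password, salt, iterations)
    return hmac.compare_digest(candidate, stored_key)

def verify_scram_proof(proof_b64, auth_message, stored_key):
    """SCRAM: ClientProof XOR ClientSignature gives ClientKey; hash it and compare."""
    proof = base64.b64decode(proof_b64)
    if len(proof) != len(stored_key):
        return False
    signature = hmac.new(stored_key, auth_message.encode(), "sha1").digest()
    client_key = bytes(a ^ b for a, b in zip(proof, signature))
    return hmac.compare_digest(hashlib.sha1(client_key).digest(), stored_key)

def server_signature(auth_message, server_key):
    """Value the server returns as v=... so the client can authenticate the server."""
    mac = hmac.new(server_key, auth_message.encode(), "sha1").digest()
    return base64.b64encode(mac).decode()

# Sample exchange from RFC 5802 section 5 (user "user", password "pencil").
SALT = base64.b64decode("QSXCR+Q6sek8bf92")
ITERATIONS = 4096
AUTH_MESSAGE = (
    "n=user,r=fyko+d2lbbFgONRv9qkxdawL,"
    "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096,"
    "c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j"
)
CLIENT_PROOF = "v0X8v3Bz2T0CJGbJQyF0X+HI4Ts="

# A mechanism such as DIGEST-MD5 needs MD5(user:realm:password) on the server.
# That value cannot be computed from StoredKey/ServerKey, hence the incompatibility.

if __name__ == "__main__":
    stored, skey = derive_stored("pencil", SALT, ITERATIONS)
    print("PLAIN ok:", verify_plain("pencil", SALT, ITERATIONS, stored))
    print("SCRAM ok:", verify_scram_proof(CLIENT_PROOF, AUTH_MESSAGE, stored))
    print("v=" + server_signature(AUTH_MESSAGE, skey))
```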