Paul Johnston wrote:

> By default, passwords are stored in the database without a salt. Usual
> practice is to use a salt, to make things harder for an attacker, just
> in case your password database is captured. The scheme I favor is
> storing hmac_sha1(hmac_sha1(master_salt, user_name), password).
> master_salt is a per-site value.
The SSHA algorithm, used by default in OpenLDAP, stores something simpler and just as secure AFAICT:

    (sha1(password, random_salt), random_salt)

It seems better to use a standard algorithm and not keep track of a master salt.

LDAP also provides a standard way to allow multiple password hashing schemes to coexist in a database. Every password is prefixed with the scheme name in curly brackets. So a typical password would look like:

    {SSHA}da39a3ee5e6b4b0d3255bfef95601890afd80709b6589fc6ab0dc8

I suggest repoze.who plugins, particularly the ZODB plugin, ought to adopt these standards.

Shane

_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev
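The {SCHEME}-prefixed storage format discussed above, worked through as an added example. This is not code from the thread, from repoze.who or from OpenLDAP; it implements the OpenLDAP conventions as described (SSHA is base64 of the SHA-1 digest of password||salt followed by the salt; {SHA} is the unsalted variant, included here to show two schemes coexisting in one store so existing unsalted entries can be verified while new ones are written salted). Function names, the 8-byte salt length and the sample passwords are this example's own choices.

```python
import base64
import binascii
import hashlib
import hmac
import os
from typing import Callable, Dict, Optional, Tuple

SHA1_LEN = 20  # byte length of a SHA-1 digest; everything after it in an SSHA payload is salt


def ssha_encode(password: str, salt: Optional[bytes] = None) -> str:
    """Return an LDAP-style {SSHA} string: base64(sha1(password || salt) || salt).

    A fresh random salt is drawn per password; the salt length is this
    example's choice (the format itself does not fix it).
    """
    if salt is None:
        salt = os.urandom(8)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def sha_encode(password: str) -> str:
    """Unsalted {SHA} entry, i.e. the 'no salt' default the thread is moving away from."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def split_scheme(stored: str) -> Tuple[str, str]:
    """Split '{SCHEME}payload' into (SCHEME, payload); scheme names compare case-insensitively."""
    if not stored.startswith("{") or "}" not in stored:
        raise ValueError("stored value lacks a {SCHEME} prefix")
    end = stored.index("}")
    return stored[1:end].upper(), stored[end + 1:]


def _verify_ssha(password: str, payload: str) -> bool:
    raw = base64.b64decode(payload)
    if len(raw) <= SHA1_LEN:  # need a full digest plus at least one salt byte
        return False
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def _verify_sha(password: str, payload: str) -> bool:
    raw = base64.b64decode(payload)
    if len(raw) != SHA1_LEN:
        return False
    candidate = hashlib.sha1(password.encode("utf-8")).digest()
    return hmac.compare_digest(candidate, raw)


# Registry keyed by scheme name: adding a scheme means adding one entry here,
# and old entries keep verifying under whichever scheme they were written with.
VERIFIERS: Dict[str, Callable[[str, str], bool]] = {
    "SSHA": _verify_ssha,
    "SHA": _verify_sha,
}


def verify(password: str, stored: str) -> bool:
    """Check a candidate password against a {SCHEME}-prefixed stored value.

    Unknown schemes, missing prefixes and undecodable payloads all fail closed.
    """
    try:
        scheme, payload = split_scheme(stored)
    except ValueError:
        return False
    verifier = VERIFIERS.get(scheme)
    if verifier is None:
        return False
    try:
        return verifier(password, payload)
    except (ValueError, binascii.Error):
        return False


if __name__ == "__main__":
    stored = ssha_encode("correct horse")
    print(stored)
    print(verify("correct horse", stored), verify("wrong", stored))
```

Two practical notes: because the salt travels inside the stored value, the verifier needs no master secret, which is Shane's point against the per-site master_salt; and SHA-1 here is a fast hash, so a captured database still permits high-speed guessing per entry even though the salt defeats precomputed tables.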