No announcement yet.

passwordMech with salted passwords

  • Filter
  • Time
  • Show
Clear All
new posts

  • passwordMech with salted passwords

    Hello all

    I have a question: is it possible to use other passwordMechs than SHA and MD5, e.g. use a salt with one of those mechs? In principle this would not be such a huge change, one could store the salt in an additional column in the user table or even in the same field with ":" as separators. This would improve security a whole lot since cracking a salted password cannot be done by pre-computation (e.g. Rainbow tables). Is this possible with OpenXchange or is this a feature that will be added at some point? If it is possible, how do I activate it?

    The only other thread I found discussing this is the one here and it does not answer my question:

    Thanks a lot