Announcement

Collapse
No announcement yet.

Change passwordMech

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Change passwordMech

    Hi,
    where can I influence which passwordMech is used? I set up a OX 6.0.5 via the repositories on a opensuse 10.3. Currently Passwords are stored as sha-hash. How can I change it to md5?

    Thx
    Regards
    Thomas

  • #2
    Hi Thomas,

    this mech can be changed at /opt/open-xchange/etc/admindaemon/User.properties
    Code:
    # specify the default password mechanism to use
    # possible values: CRYPT / SHA
    DEFAULT_PASSWORD_MECHANISM=SHA
    note that those changes only are effective for creating new user. Users already created with a sha'ed password will not be updated to a crypt() password.

    Greetings

    Comment


    • #3
      Hmm,

      Martin as I understand jonny12 he wants to change sha to md5 hash.
      And you tell him where to do it, and to change sha to crypt.
      But crypt (8bit) is worse than sha (160bit) or md5 (128bit).

      So to conclude....

      yes, jonny you can change the passwordMech in the file
      /opt/open-xchange/etc/admindaemon/User.properties
      but only to sha and crypt with sha as default. And to my opinion sha is better than md5 so leave it.

      But because of reports of possible cracking sha hashes (mentioned in http://en.wikipedia.org/wiki/SHA_hash_functions):
      Martin, is the version sha-1 or sha-2 with 160bit or the recommended sha-256 or 512?


      CU
      Popeye

      Comment

      Working...
      X