Date:      Mon, 3 Mar 2014 15:28:19 -0500
From:      John Baldwin <jhb@freebsd.org>
To:        freebsd-current@freebsd.org
Cc:        Eitan Adler <lists@eitanadler.com>
Subject:   Re: Feature Proposal: Transparent upgrade of crypt() algorithms
Message-ID:  <201403031528.19273.jhb@freebsd.org>
In-Reply-To: <CAF6rxg=MeR9742DjxiRBxjaK=hCN4pZpKL8Tjd%2BVq=f75Ym4zA@mail.gmail.com>
References:  <530FE2E9.5010902@allanjude.com> <CAF6rxg=MeR9742DjxiRBxjaK=hCN4pZpKL8Tjd%2BVq=f75Ym4zA@mail.gmail.com>

On Friday, February 28, 2014 4:58:29 pm Eitan Adler wrote:
> On 27 February 2014 20:14, Allan Jude <freebsd@allanjude.com> wrote:
> > With r262501
> > (http://svnweb.freebsd.org/base?view=revision&revision=262501) importing
> > the upgraded bcrypt from OpenBSD and eventually changing the default
> > identifier for bcrypt to $2b$ it reminded me of a feature that is often
> > seen in Forum software and other web apps.
> >
> > Transparent algorithm upgrade.
> ...
> 
> I would strongly support this
> 
> > I think Nick's point is you do want passwords using the "old" hash to
> > expire at some point if they haven't been auto-converted.
> 
> Password expiry is an orthogonal issue and should be up to administrator
> policy.

Yes, but if you are moving to a different algorithm to improve security, not 
coupling it with an eventual expiration of non-migrated accounts gives a false 
sense of security.  Any admin worth his/her salt is going to want the option
of enforcing that sort of policy along with the transparent update.  They 
should really be implemented together is all.

-- 
John Baldwin
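The two halves of the thread, transparent re-hashing on login and an expiry deadline for accounts that never migrate, fit together in a small login routine. The block below is an added example, not FreeBSD's crypt() or anything from the thread's authors: it uses two PBKDF2 variants labelled with a constructed modular-crypt-style prefix ("$legacy$" and "$current$") as stand-ins for the bcrypt identifiers discussed above, so it runs without libcrypt. The account record, the `deadline` field and the `login`/`unmigrated` functions are all hypothetical names introduced here.

```python
"""Transparent crypt()-style hash upgrade with an expiry deadline for
accounts that never migrate (example code, not FreeBSD's crypt())."""
import base64
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed stand-in algorithms so the block runs without libcrypt.
# The thread is about bcrypt $2a$ -> $2b$; here "$legacy$" and "$current$"
# are PBKDF2 variants labelled with a modular-crypt-style prefix.
ALGORITHMS = {
    "legacy": ("sha1", 1_000),      # weak: the hash we want to retire
    "current": ("sha256", 50_000),  # the hash logins are migrated to
}
PREFERRED = "current"


def hash_password(password: str, alg: str = PREFERRED) -> str:
    """Return "$<alg>$<salt>$<key>" using the named algorithm."""
    digest, rounds = ALGORITHMS[alg]
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac(digest, password.encode(), salt, rounds)
    return "$%s$%s$%s" % (alg, base64.b64encode(salt).decode(),
                          base64.b64encode(key).decode())


def algorithm_of(stored: str) -> str:
    """Algorithm identifier from the stored string (like $2a$ vs $2b$)."""
    return stored.split("$")[1]


def verify(password: str, stored: str) -> bool:
    """Constant-time comparison against the stored derived key."""
    _, alg, salt_b64, key_b64 = stored.split("$")
    digest, rounds = ALGORITHMS[alg]
    key = hashlib.pbkdf2_hmac(digest, password.encode(),
                              base64.b64decode(salt_b64), rounds)
    return hmac.compare_digest(key, base64.b64decode(key_b64))


@dataclass
class Account:
    name: str
    stored: str


@dataclass
class PasswordDB:
    accounts: dict
    deadline: datetime  # policy: legacy hashes not migrated by now are disabled


def login(db: PasswordDB, name: str, password: str, now: datetime) -> str:
    """Authenticate; rehash legacy entries on success unless past the deadline.

    Returns "denied", "expired", "upgraded" or "ok".
    """
    acct = db.accounts[name]
    if not verify(password, acct.stored):
        return "denied"
    if algorithm_of(acct.stored) == PREFERRED:
        return "ok"
    # Legacy hash and correct password: this is the only moment the
    # plaintext is available, so it is the only moment we can re-hash.
    if now >= db.deadline:
        # Expiry policy: the account kept its old hash too long; force a
        # password change instead of silently accepting the weak hash.
        return "expired"
    acct.stored = hash_password(password)
    return "upgraded"


def unmigrated(db: PasswordDB) -> list:
    """Names still on a non-preferred hash (what an admin would audit)."""
    return sorted(n for n, a in db.accounts.items()
                  if algorithm_of(a.stored) != PREFERRED)


def demo() -> dict:
    """Constructed accounts: alice migrates in time, carol never logs in."""
    before = datetime(2014, 3, 1, tzinfo=timezone.utc)
    after = datetime(2015, 3, 1, tzinfo=timezone.utc)
    db = PasswordDB(
        accounts={
            "alice": Account("alice", hash_password("correct horse", "legacy")),
            "bob": Account("bob", hash_password("battery staple")),
            "carol": Account("carol", hash_password("never logs in", "legacy")),
        },
        deadline=datetime(2014, 9, 1, tzinfo=timezone.utc),
    )
    return {
        "alice_wrong": login(db, "alice", "nope", before),
        "alice_first": login(db, "alice", "correct horse", before),
        "alice_second": login(db, "alice", "correct horse", before),
        "bob": login(db, "bob", "battery staple", before),
        "carol_late": login(db, "carol", "never logs in", after),
        "still_legacy": unmigrated(db),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The re-hash can only happen when a user presents the correct password, which is why an account like `carol` that never logs in stays on the old hash indefinitely; `unmigrated()` is the audit list an administrator would watch, and the deadline check in `login()` is the expiry policy the reply argues should ship alongside the upgrade rather than be left as a separate afterthought.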



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403031528.19273.jhb>