Better Password Hashes

From: A.J. Kehoe IV (Nanoman) <"A.J.>
Date: Mon, 30 Sep 2013 14:16:11 -0400
On the FreeBSD-security mailing list earlier this year, I brought up the issue of improving password hashes.  The patches I included were for FreeBSD 9-STABLE, which is what I use primarily.

gjb_at_ kindly advised me that the patches would need to be extensively tested on CURRENT before they'd be merged into 9-STABLE.  Derek Marcotte, who wrote the patches, sent me his updated versions for CURRENT, and I've submitted these in a PR:

http://www.freebsd.org/cgi/query-pr.cgi?pr=182518

(My apologies for neglecting to prefix the PR's Subject line with "[patch]".)

I've been using Derek's patches on my own production systems for the past few months, and I'm happy to say that they're working perfectly.  So, what we need now is to have these audited and tested by a larger audience, and then merged into 9-STABLE when a sufficient number of people are satisfied.

Let the testing begin!

-- 
A.J. Kehoe IV (Nanoman)     |  /"\  ASCII Ribbon Campaign
Nanoman's Company           |  \ /   - No HTML/RTF in E-mail
E-mail: nanoman_at_nanoman.ca  |   X    - No proprietary attachments
WWW: http://www.nanoman.ca/ |  / \   - Respect for open standards

Received on Mon Sep 30 2013 - 16:26:03 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:42 UTC