Re: Feature Proposal: Transparent upgrade of crypt() algorithms
On Friday, February 28, 2014 4:58:29 pm Eitan Adler wrote:
> On 27 February 2014 20:14, Allan Jude <freebsd@allanjude.com> wrote:
> > With r262501
> > (http://svnweb.freebsd.org/base?view=revision&revision=262501) importing
> > the upgraded bcrypt from OpenBSD and eventually changing the default
> > identifier for bcrypt to $2b$ it reminded me of a feature that is often
> > seen in Forum software and other web apps.
> >
> > Transparent algorithm upgrade.
> ...
>
> I would strongly support this
>
> > I think Nick's point is you do want passwords using the "old" hash to
> > expire at some point if they haven't been auto-converted.
>
> Password expiry is an orthogonal issue and should be up to administrator
> policy.
Yes, but if you are moving to a different algorithm to improve security, not
coupling it with an eventual expiration of non-migrated accounts gives a false
sense of security. Any admin worth his/her salt is going to want the option
of enforcing that sort of policy along with the transparent update. They
should really be implemented together is all.
--
John Baldwin
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
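The two halves of the thread's proposal, the login-time transparent re-hash and the expiry of accounts that were never migrated, as an added example that is not part of the original mail or of FreeBSD's crypt() code. The "$old$" and "$new$" schemes, the `login`/`unmigrated` helpers and the in-memory `db` are constructed stand-ins for the real identifier-prefixed crypt(3) formats such as $2b$.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for the two crypt() schemes discussed in the thread: "$old$"
# plays the legacy hash and "$new$" the upgraded default. Real systems would use
# bcrypt ($2b$) through crypt(3); the identifier-prefix logic is what matters here.
CURRENT_SCHEME = "$new$"

def _digest(scheme, password, salt):
    if scheme == "$old$":
        return hashlib.sha256(salt + password.encode()).hexdigest()
    if scheme == "$new$":
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()
    raise ValueError(f"unknown scheme {scheme!r}")

def make_hash(password, scheme=CURRENT_SCHEME):
    """Hash with a fresh random salt; format: <scheme><salt_hex>$<digest_hex>."""
    salt = os.urandom(16)
    return f"{scheme}{salt.hex()}${_digest(scheme, password, salt)}"

def _parse(stored):
    _, name, salt_hex, digest = stored.split("$")
    return f"${name}$", bytes.fromhex(salt_hex), digest

def check_hash(password, stored):
    scheme, salt, digest = _parse(stored)
    return hmac.compare_digest(_digest(scheme, password, salt), digest)

def login(db, user, password, now, migration_deadline):
    """Authenticate and transparently re-hash. db maps user -> stored hash string.
    Returns (accepted, reason); reason is "ok", "upgraded", "expired" or "bad password"."""
    stored = db.get(user)
    if stored is None or not check_hash(password, stored):
        return False, "bad password"
    scheme = _parse(stored)[0]
    if scheme == CURRENT_SCHEME:
        return True, "ok"
    if now > migration_deadline:
        # Expiry policy from the thread: an un-migrated hash must not stay valid
        # forever, so after the admin's deadline the user has to set a new password.
        return False, "expired"
    # Transparent upgrade: the plaintext is only available at a successful login,
    # so this is the one moment the legacy hash can be replaced.
    db[user] = make_hash(password)
    return True, "upgraded"

def unmigrated(db):
    """Accounts still on a legacy scheme: what an admin would audit before the deadline."""
    return sorted(u for u, h in db.items() if _parse(h)[0] != CURRENT_SCHEME)
```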