Date: Tue, 02 Aug 2011 10:24:47 -0700 From: "Thomas D. Dean" <tomdean@speakeasy.org> To: freebsd-questions@FreeBSD.org Subject: Re: password hash weaknesses in FreeBSD ? Message-ID: <1312305887.2229.104.camel@asus> In-Reply-To: <CAHKe%2BWJ_8GK-5bYzTMWParYENUF00SrZGj12mmLm9c6rPN-uqg@mail.gmail.com> References: <CAHKe%2BWJ_8GK-5bYzTMWParYENUF00SrZGj12mmLm9c6rPN-uqg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2011-08-02 at 17:36 +0100, マンロークリストファ wrote: > The crypt program to hash passwords uses md5 /DES/blowfish for > password hashing as I have read in the handbook. DES and md5 are > widely regarded to be broken (certainly DES). I would prefer password > hashing to be done using salted SHA1 / SHA256 to meet my security > needs. Is this configuration possible? > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > http://www.bsdguides.org/guides/freebsd/security/harden.php google "freebsd password hash sha256" http://www.google.com/search?hl=en&q=freebsd+password+hash +sha256&aq=f&aqi=&aql=&oq= Has patches toward adding this. tomdean
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1312305887.2229.104.camel>