Details
- Task
- Status: Open
- Major
- Resolution: Unresolved
- None
Description
Currently it is not possible with the PARSEC plugin to define the number of iterations to be used when generating the key corresponding to the password.
To ensure proper security for users long term, the PARSEC plugin should allow specifying the number of iterations. Additionally, the default should be something more secure. According to Wikipedia currently:
In 2023, OWASP recommended to use 600,000 iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512.
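An added illustration of the request above, not code from the PARSEC plugin or MariaDB: a stored credential that carries its own PBKDF2 iteration count, so the count is configurable and an old record can be detected and upgraded when the default rises. The record layout, function names and the upper bound on iterations are assumptions made for this example; only the 210,000 figure comes from the text above.

```python
import base64
import hashlib
import hmac
import os

# OWASP 2023 figure for PBKDF2-HMAC-SHA512 as quoted in the description.
RECOMMENDED_ITERATIONS = 210_000
# Assumed ceiling so a tampered record cannot force unbounded CPU work.
MAX_ITERATIONS = 10_000_000
SCHEME = "pbkdf2-sha512"  # hypothetical scheme tag, not the plugin's format


def hash_password(password: str, iterations: int = RECOMMENDED_ITERATIONS) -> str:
    """Derive a key and return 'scheme$iterations$salt$key' (base64 fields)."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    fields = [SCHEME, str(iterations),
              base64.b64encode(salt).decode(), base64.b64encode(key).decode()]
    return "$".join(fields)


def verify_password(password: str, record: str) -> bool:
    """Recompute the key with the iteration count stored in the record."""
    try:
        scheme, iters, salt_b64, key_b64 = record.split("$")
        iterations = int(iters)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(key_b64, validate=True)
    except ValueError:  # wrong field count, non-numeric count, bad base64
        return False
    if scheme != SCHEME or not 1 <= iterations <= MAX_ITERATIONS:
        return False
    key = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    return hmac.compare_digest(key, expected)


def needs_rehash(record: str, minimum: int = RECOMMENDED_ITERATIONS) -> bool:
    """True when a record was created with fewer iterations than the policy."""
    return int(record.split("$")[1]) < minimum


if __name__ == "__main__":
    legacy = hash_password("correct horse", iterations=1_000)  # constructed weak record
    print(verify_password("correct horse", legacy), needs_rehash(legacy))
```

Because the count travels with the record, raising the default does not invalidate existing credentials; they verify with their stored count and can be re-derived at the next successful login.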
Issue Links
- blocks MDEV-32618 PARSEC Authentication Plugin (Closed)