Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-35254

PARSEC plugin should allow DBAs to specify number of iterations

    XMLWordPrintable

Details

    Description

      Currently it is not possible with the PARSEC plugin to define the number of iterations to be used when generating the key corresponding to the password.

      To ensure proper security for users long term, the PARSEC plugin should allow specifying the number of iterations. Additionally, the default should be something more secure. According to wikipedia currently:

      In 2023, OWASP recommended to use 600,000 iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512. Algorithmic representation of the iterative process of the Password-Based Key Derivation Function 2.

      Attachments

        Issue Links

          Activity

            People

              nikitamalyavin Nikita Malyavin
              cvicentiu Vicențiu Ciorbaru
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.