Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-35254

PARSEC plugin should allow DBAs to specify number of iterations

    XMLWordPrintable

Details

    Description

      Currently it is not possible with the PARSEC plugin to define the number of iterations to be used when generating the key corresponding to the password.

      To ensure proper security for users long term, the PARSEC plugin should allow specifying the number of iterations. Additionally, the default should be something more secure. According to wikipedia currently:

      In 2023, OWASP recommended to use 600,000 iterations for PBKDF2-HMAC-SHA256 and 210,000 for PBKDF2-HMAC-SHA512. Algorithmic representation of the iterative process of the Password-Based Key Derivation Function 2.

      Attachments

        Issue Links

          is caused by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-32618 PARSEC Authentication Plugin

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              nikitamalyavin Nikita Malyavin
              cvicentiu Vicențiu Ciorbaru
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.