--On Wednesday, January 8, 2020 10:27 AM +0100 Simone Piccardi
Il 08/01/20 03:05, Quanah Gibson-Mount ha scritto:
> In any case, I've been advocating for several years now to get rid of
> SSHA as the default hashing mechanism and replace it with something that
> may actually have some security value.
But in the current version it better to use the contrib module, or
delegate the hashing to the C library? I'm currently using on new install:
but I'm using only Linux, I don't know if this is applicable on other OS.
The use of CRYPT may be non-portable. In addition to the SSHA2 password
module, there's a module on github that allows the use of bcrypt:
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: