3 Jun
2019
3 Jun
'19
7:22 a.m.
Howard, hello.
On 3 Jun 2019, at 15:07, Howard Chu wrote:
SHA-2 in any form is unsuitable for use as a password hash, simply because it is too easy to compute. At this point the best choice is the one that won the Password Hashing Competition - Argon2. https://github.com/P-H-C/phc-winner-argon2
That makes sense -- thanks.
Patches for adding this to OpenLDAP would of course be welcome.
I'm sure. However I fear I'm not going to be able to oblige in the short term....
Best wishes,
Norman
--
Norman Gray : https://nxg.me.uk