--On Tuesday, January 14, 2020 9:12 AM +0100 Ulrich Windl
<Ulrich.Windl(a)rz.uni-regensburg.de> wrote:
> As Howard already noted, what we're looking for is something like
> Argon2, not further SSHA derivatives.
There may be a security benefit like going from paranoid to triple
paranoid, but for real life I think users' poor passwords and the
handling of those (keeping them in unsafe memory, phishing, post-it
stickers, etc.) give real attackers easier means to "get the password".
The OpenLDAP Foundation can only take responsibility for its software, not
user habits. Security of the software it provides is a project priority.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>