<div dir="ltr">There's 3 places this would be relevant: session codes (used during authentication), OpenID Connect and SAML. Only SAML currently supports configuring to SHA512. It's not currently on the road-map to add for the others, but feel free to create a JIRA issue to request this.<div><div class="gmail_extra"><br><div class="gmail_quote">On 30 May 2016 at 02:06, Lange, Christian <span dir="ltr"><<a href="mailto:christian.lange@atos.net" target="_blank">christian.lange@atos.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello Stian, (Hello Developers,)<br>
<br>
I wonder if you think about switching from SHA256 as the default hash algorithm to SHA512.<br>
Nowadays most of the servers are equipped with 64Bit CPUs and SHA512 can actually benefit from that architecture (under good conditions 1/3x faster than SHA256).<br>
<br>
Correct me if I'm wrong but as far as I know it's not possible to select the algorithms without some custom code changes.<br>
<br>
Best regards,<br>
Christian<br>
<br>
________________________________________<br>
Von: <a href="mailto:keycloak-user-bounces@lists.jboss.org">keycloak-user-bounces@lists.jboss.org</a> [<a href="mailto:keycloak-user-bounces@lists.jboss.org">keycloak-user-bounces@lists.jboss.org</a>]&quot; im Auftrag von &quot;Stian Thorgersen [<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>]<br>
Gesendet: Donnerstag, 26. Mai 2016 21:13<br>
An: keycloak-user; keycloak-dev<br>
Betreff: [keycloak-user] Keycloak 1.9.5.Final Released<br>
<span class=""><br>
Keycloak 1.9.5.Final has just been released. There's one change worth highlighting in this release. We've increased the default password hashing intervals to 20000. Yes, you read that right. We've actually recommended using 20000 for a while now, but the default was only 1. This is a clear trade-off between performance and how secure passwords are stored. With 1 password hashing interval it takes less than 1 ms to hash a password, while with 20000 it takes tens of ms.<br>
<br>
</span>For the full list of resolved issues check out JIRA<<a href="https://issues.jboss.org/issues/?jql=project%20%3D%20keycloak%20and%20fixVersion%20%3D%201.9.5.Final" rel="noreferrer" target="_blank">https://issues.jboss.org/issues/?jql=project%20%3D%20keycloak%20and%20fixVersion%20%3D%201.9.5.Final</a>> and to download the release go to the Keycloak homepage<<a href="http://www.keycloak.org/downloads" rel="noreferrer" target="_blank">http://www.keycloak.org/downloads</a>>.<br>
<br>
</blockquote></div><br></div></div></div>