Re: [gatein-dev] Switch from MD5 to SHA for password encoding

Hi, We would like to switch encryption algorigthm for user passwords in GateIn. https://docs.jboss.org/author/display/GTNPORTAL36/Password+Encryption#Pas... MD5 is becoming outdated and is considered weak nowadays. We would like to use SHA-256 with random salts as showed in the doc above. Major downside is that it will break compatibility with already populated DB. Users would still be able to change the config back to MD5 as part of migration process. We would mention it in the docs. Any objections? _______________________________________________ gatein-dev mailing list gatein-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/gatein-dev