Pasted wrong link. We want to use this one by default:
Hi,
We would like to switch encryption algorigthm for user passwords in GateIn.
https://docs.jboss.org/author/display/GTNPORTAL36/Password+Encryption#Pas...
MD5 is becoming outdated and is considered weak nowadays. We would like
to use SHA-256 with random salts as showed in the doc above.
Major downside is that it will break compatibility with already
populated DB. Users would still be able to change the config back to MD5
as part of migration process. We would mention it in the docs.
Any objections?
_______________________________________________
gatein-dev mailing list
gatein-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/gatein-dev