looks fine for us.
On May 28, 2013, at 10:47 AM, Bolesław Dawidowicz <bdawidow(a)redhat.com> wrote:
Pasted wrong link. We want to use this one by default:
https://docs.jboss.org/author/display/GTNPORTAL36/Password+Encryption#Pas...
On 05/28/2013 10:42 AM, Bolesław Dawidowicz wrote:
> Hi,
>
> We would like to switch encryption algorigthm for user passwords in GateIn.
>
>
https://docs.jboss.org/author/display/GTNPORTAL36/Password+Encryption#Pas...
>
> MD5 is becoming outdated and is considered weak nowadays. We would like
> to use SHA-256 with random salts as showed in the doc above.
>
> Major downside is that it will break compatibility with already
> populated DB. Users would still be able to change the config back to MD5
> as part of migration process. We would mention it in the docs.
>
> Any objections?
> _______________________________________________
> gatein-dev mailing list
> gatein-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/gatein-dev
>
_______________________________________________
gatein-dev mailing list
gatein-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/gatein-dev