[keycloak-dev] Password storage and KDFs
Bill Burke
bburke at redhat.com
Wed Jan 22 09:31:03 EST 2014

BTW, we'll have to think of something similar to protect realm private
keys. Getting access to the private key of a realm would be 1000 times
worse than getting the PW database as you could write a token giving any
permission you wanted.

Any ideas? Maybe a master boot password which is used to encrypt the
private keys? Which is entered on server startup?

On 1/22/2014 9:25 AM, Bruno Oliveira wrote:
> Thank you Bill, awesome!
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
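
Added example, not part of the original message and not Keycloak code: one way the master boot password idea above could look in Java, deriving an AES-256-GCM key from the password with PBKDF2 and using it to encrypt the realm's PKCS#8 private key. The class name, iteration count, and blob layout are assumptions made for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.security.*;
import java.util.Arrays;

// Hypothetical helper (not a Keycloak class): wraps a realm private key under a boot password.
public class RealmKeyWrap {
    static final int SALT = 16, IV = 12, ITERATIONS = 600_000; // assumed parameters
    static final SecureRandom RNG = new SecureRandom();

    // Derive the key-encryption key from the boot password and a per-blob salt.
    static SecretKeySpec kek(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256);
        try {
            byte[] k = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
            return new SecretKeySpec(k, "AES");
        } finally { spec.clearPassword(); }
    }

    // Output layout (assumed): salt || iv || ciphertext+tag
    static byte[] wrap(char[] password, byte[] pkcs8) throws Exception {
        byte[] salt = new byte[SALT], iv = new byte[IV];
        RNG.nextBytes(salt); RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, kek(password, salt), new GCMParameterSpec(128, iv));
        c.updateAAD(salt); // bind the salt to the ciphertext
        byte[] ct = c.doFinal(pkcs8);
        return ByteBuffer.allocate(SALT + IV + ct.length).put(salt).put(iv).put(ct).array();
    }

    static byte[] unwrap(char[] password, byte[] blob) throws Exception {
        byte[] salt = Arrays.copyOfRange(blob, 0, SALT);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, kek(password, salt), new GCMParameterSpec(128, blob, SALT, IV));
        c.updateAAD(salt);
        return c.doFinal(blob, SALT + IV, blob.length - SALT - IV); // throws AEADBadTagException on wrong password
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA"); g.initialize(2048);
        byte[] pkcs8 = g.generateKeyPair().getPrivate().getEncoded(); // constructed sample key
        byte[] blob = wrap("boot-password".toCharArray(), pkcs8);
        System.out.println(Arrays.equals(pkcs8, unwrap("boot-password".toCharArray(), blob)));
        try { unwrap("wrong".toCharArray(), blob); }
        catch (AEADBadTagException e) { System.out.println("wrong password rejected"); }
    }
}
```

The password protects the key only at rest: once unwrapped at startup, the private key sits in server memory for the life of the process.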