Hi,
I got a question/remark regarding this page:
http://www.ovirt.org/Features/AAA_JDBC
It states:
Account Password
Hash function, default sha256
Well this is not a secure default.
I don't know if nothing better can be used
but here are some viable alternatives, in
decreasing order (when we talk about security):
scrypt, bcrypt, PBKDF2
Would it be possible to use one of these
as a default?
--
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen