This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/13286] RFE: bcrypt support
- From: "joseph at codesourcery dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Wed, 12 Oct 2011 20:11:35 +0000
- Subject: [Bug libc/13286] RFE: bcrypt support
- Auto-submitted: auto-generated
- References: <bug-13286-131@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=13286
--- Comment #1 from joseph at codesourcery dot com <joseph at codesourcery dot com> 2011-10-12 20:11:35 UTC ---
On Wed, 12 Oct 2011, lsof at nodata dot co.uk wrote:
> Please could bcrypt support be added to glibc so that we have a modern, safe
> way of storing passwords?
What's wrong with the SHA-256 and SHA-512 based ways added in 2.7?
> Background and justification is here:
> http://codahale.com/how-to-safely-store-a-password/
That says nothing about the SHA-256 and SHA-512 based methods.
> Summary of link:
> Modern hardware can crack standard encrypted passwords very fast (even if they
> use a salt). bcrypt is a solution to this.
So are the methods added in 2.7.
http://www.akkadia.org/drepper/sha-crypt.html
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.