[RADIATOR] BCRYPT
Derek Buttineau
derek at csolve.net
Fri Sep 30 06:35:54 CDT 2011
On 2011-09-30, at 7:08 AM, Heikki Vatiainen wrote:
> On 08/25/2011 12:24 PM, Heikki Vatiainen wrote:
>
> Hello Derek,
>
>> On 08/24/2011 03:36 PM, Derek Buttineau wrote:
>
>>> I was actually thinking of AuthBy SQL. We're currently using UNIX crypt, but realized it's time to improve security. I'm being told that bcrypt is the way to go (OpenBSD style 2a/2y). So I guess wait for 4.8 or the patches to be issued?
>
>> So the additional hash types may require more work than I originally
>> thought. We'll need to check a bit more how to do this. I'll keep you
>> and the list posted.
>
> Radiator 4.9 now has more hash types supported. You may want to see if
> these are useful to you.
>
> From the list of changes:
>
> Added support for passwords encrypted with $2a$, $2x$ and $2y$
> blowfish crypt and $5$ SHA-256 crypt (where supported by the
> underlying crypt()). Improvements to support rounds= notation in
> SHA-256, SHA512 crypt.
Thanks Heikki,
I'll check it out!
Cheers,
Derek
More information about the radiator
mailing list