Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-64539

"auth_ldap | passtype" provides only sha-1 as strongest pw encryption mechanism

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.6.1
    • Fix Version/s: None
    • Component/s: Authentication
    • Labels:
    • Affected Branches:
      MOODLE_36_STABLE

      Description

      sha-1 is really outdated, should be changed

      ssha (minimum):

      $password = '{SSHA}' . base64_encode(sha1( $password.$salt, TRUE ). $salt);

      Suggestion: sha512 (much better, in example done by crypt):

      https://stackoverflow.com/questions/43096380/set-userpassword-to-crypt-sha-512-in-openldap-programmaticaly-remotely

      GDPR - you know ...

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mccab99 Maik Riecken
              Participants:
              Component watchers:
              Jake Dallimore, Jun Pataleta, Ryan Wyllie
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: