diff options
| author | Martin Spielmann <martin.spielmann@pingunaut.com> | 2017-01-01 20:22:06 +0100 |
|---|---|---|
| committer | Martin Spielmann <martin.spielmann@pingunaut.com> | 2017-01-01 21:41:11 +0100 |
| commit | 15782f62ba134006a2f92f65d10f0713e8ad85a0 (patch) | |
| tree | 67812daad922bce54dc8b8c7f43c1204991d24d2 /src/main/distrib/data | |
| parent | 99b4a1898f0c3533062263cda18b456f099ee2cf (diff) | |
| download | gitblit-15782f62ba134006a2f92f65d10f0713e8ad85a0.tar.gz gitblit-15782f62ba134006a2f92f65d10f0713e8ad85a0.zip | |
Added possibility to use secure hashes to store passwords
Addresses #1166
Diffstat (limited to 'src/main/distrib/data')
| -rw-r--r-- | src/main/distrib/data/defaults.properties | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/main/distrib/data/defaults.properties b/src/main/distrib/data/defaults.properties index 9bb02482..352a6750 100644 --- a/src/main/distrib/data/defaults.properties +++ b/src/main/distrib/data/defaults.properties @@ -854,12 +854,14 @@ realm.userService = ${baseFolder}/users.conf realm.authenticationProviders = # How to store passwords. -# Valid values are plain, md5, or combined-md5. md5 is the hash of password. +# Valid values are plain, md5, combined-md5 or PBKDF2WithHmacSHA256. +# md5 is the hash of password. # combined-md5 is the hash of username.toLowerCase()+password. -# Default is md5. +# PBKDF2WithHmacSHA256 is salt+hash(salt+password) +# Default is PBKDF2WithHmacSHA256. # # SINCE 0.5.0 -realm.passwordStorage = md5 +realm.passwordStorage = PBKDF2WithHmacSHA256 # Minimum valid length for a plain text password. # Default value is 5. Absolute minimum is 4. |