[Koha-bugs] [Bug 9611] Changing the password hashing algorithm from MD5 to more secure Bcrypt

[bugzilla-daemon at bugs.koha-community.org]

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9611

Chris Hall <chrish at catalyst.net.nz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |chrish at catalyst.net.nz

--- Comment #40 from Chris Hall <chrish at catalyst.net.nz> ---
Hey Mason

http://deps.cpantesters.org/?module=Bytes::Random::Secure

Correct me if I am wrong, but a quick glance suggests we would have to package
bytes::random::secure, scalar::util, Crypt::random::seed, Crypt::random::tesha2
and maybe some of their dependencies.

The closest thing I could find that was also in squeeze was
crypt::openssl::random, but as this requires a decent seed (so that we get
unique values).
I was going to use /dev/urandom for the seed value, however this also suffices
for use as a salt so I just cut out the middleman.

-- 
You are receiving this mail because:
You are watching all bug changes.