Actions
Bug #23208
open
Add a warning in the logs when using local auth with non-bcrypt passwords
Status:
Pending technical review
Priority:
N/A
Assignee:
Category:
Security
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No
Description
The old hashes should be replaced fro security. A rudder-users.xml access without it would very likely lead to password recovery using rainbow tables.
Updated by Alexis Mousset 9 months ago
- Status changed from New to In progress
- Assignee set to Alexis Mousset
Updated by Alexis Mousset 9 months ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to François ARMAND
- Pull Request set to https://github.com/Normation/rudder/pull/4944
Updated by Vincent MEMBRÉ 8 months ago
- Target version changed from 8.0.0~beta1 to 8.0.0~beta2
Updated by Vincent MEMBRÉ 8 months ago
- Target version changed from 8.0.0~beta2 to 8.0.0~beta3
Updated by Alexis Mousset 7 months ago
- Target version changed from 8.0.0~beta3 to 8.1.0~alpha1
Updated by Vincent MEMBRÉ 4 months ago
- Target version changed from 8.1.0~alpha1 to 8.1.0~beta1
Updated by Vincent MEMBRÉ 2 months ago
- Target version changed from 8.1.0~beta1 to 8.1.0~beta2
Updated by Vincent MEMBRÉ about 2 months ago
- Target version changed from 8.1.0~beta2 to 8.1.0~rc1
Updated by Vincent MEMBRÉ about 1 month ago
- Target version changed from 8.1.0~rc1 to 8.1.0
Updated by Vincent MEMBRÉ 25 days ago
- Target version changed from 8.1.0 to 8.1.1
Updated by Vincent MEMBRÉ 12 days ago
- Target version changed from 8.1.1 to 8.1.2
Updated by Vincent MEMBRÉ 7 days ago
- Target version changed from 8.1.2 to 8.1.3
Actions