Project

General

Profile

Actions
Copy link

Enhancement #27235

closed

Documentation for passwords should be explicit about password hashes compatibility

Added by Clark ANDRIANASOLO 24 days ago. Updated 14 days ago.

Status:
Released
Priority:
1 (highest)
Assignee:
François ARMAND
Category:
Documentation
Target version:
8.3.3
Pull Request:
https://github.com/Normation/rudder-d...
UX impact:
I dislike using that feature
Suggestion strength:
Advise - This would make Rudder significantly better | easier | simpler
User visibility:
First impressions of Rudder
Effort required:
Very Small
Name check:
To do
Fix check:
Checked
Regression:
No

Description

In https://docs.rudder.io/reference/8.3/administration/users.html#_passwords, we don't mention the incoming drop of support for unsafe hash algorithms for passwords (since argon2id in 9.0 with #26996).
The policy is to support bcrypt (8.3, 9.0) and argon2id (9.0), and drop support (#27128) for other ones in 9.0, such as MD5/SHA...

Related issues 2 (0 open2 closed)

Related to Rudder - Architecture #26996: Add argon2id support for local hashReleasedAlexis MoussetActions
Related to Rudder - Architecture #27128: Drop support for legacy password hash algorithmsReleasedFrançois ARMANDActions
Actions
Copy link

Also available in: Atom PDF