diff options
| author | Kim Alvefur <zash@zash.se> | 2021-12-26 16:51:04 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2021-12-26 16:51:04 +0100 |
| commit | 4261dc1d80e3813e50763e7643faa0dbcf6626f9 (patch) | |
| tree | 296a035f0ce79c5626657e54255889ce97812ac4 /plugins | |
| parent | c122d673e626a7f2a4596d9a2b12a15846406d5b (diff) | |
| download | prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.tar.gz prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.zip | |
mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438
More security for less pain than switching to SCRAM-SHA-256
The XEP will likely be change to reference the RFC that will probably
come from draft-ietf-kitten-password-storage once it is ready, and then
we should update to follow that.
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/mod_auth_internal_hashed.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index 285ca118..1b0e76ed 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -28,7 +28,7 @@ local get_auth_db = assert(scram_hashers[hash_name], "SCRAM-"..hash_name.." not local scram_name = "scram_"..hash_name:gsub("%-","_"):lower(); -- Default; can be set per-user -local default_iteration_count = module:get_option_number("default_iteration_count", 4096); +local default_iteration_count = module:get_option_number("default_iteration_count", 10000); -- define auth provider local provider = {}; |