mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438

More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that.
author: Kim Alvefur <zash@zash.se> 2021-12-26 16:51:04 +0100
committer: Kim Alvefur <zash@zash.se> 2021-12-26 16:51:04 +0100
commit: 4261dc1d80e3813e50763e7643faa0dbcf6626f9 (patch)
tree: 296a035f0ce79c5626657e54255889ce97812ac4 /util/sasl
parent: c122d673e626a7f2a4596d9a2b12a15846406d5b (diff)
download: prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.tar.gz
prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua
index f11ae2e0..37abf4a4 100644
--- a/util/sasl/scram.lua
+++ b/util/sasl/scram.lua
@@ -41,7 +41,7 @@ Supported Channel Binding Backends
 'tls-unique' according to RFC 5929
 ]]
 
-local default_i = 4096
+local default_i = 10000
 
 local function validate_username(username, _nodeprep)
 	-- check for forbidden char sequences
author	Kim Alvefur <zash@zash.se>	2021-12-26 16:51:04 +0100
committer	Kim Alvefur <zash@zash.se>	2021-12-26 16:51:04 +0100
commit	4261dc1d80e3813e50763e7643faa0dbcf6626f9 (patch)
tree	296a035f0ce79c5626657e54255889ce97812ac4 /util/sasl
parent	c122d673e626a7f2a4596d9a2b12a15846406d5b (diff)
download	prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.tar.gz prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.zip