diff options
author | Kim Alvefur <zash@zash.se> | 2021-12-26 16:51:04 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2021-12-26 16:51:04 +0100 |
commit | 4261dc1d80e3813e50763e7643faa0dbcf6626f9 (patch) | |
tree | 296a035f0ce79c5626657e54255889ce97812ac4 /util | |
parent | c122d673e626a7f2a4596d9a2b12a15846406d5b (diff) | |
download | prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.tar.gz prosody-4261dc1d80e3813e50763e7643faa0dbcf6626f9.zip |
mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438
More security for less pain than switching to SCRAM-SHA-256
The XEP will likely be change to reference the RFC that will probably
come from draft-ietf-kitten-password-storage once it is ready, and then
we should update to follow that.
Diffstat (limited to 'util')
-rw-r--r-- | util/sasl/scram.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index f11ae2e0..37abf4a4 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -41,7 +41,7 @@ Supported Channel Binding Backends 'tls-unique' according to RFC 5929 ]] -local default_i = 4096 +local default_i = 10000 local function validate_username(username, _nodeprep) -- check for forbidden char sequences |