From 4261dc1d80e3813e50763e7643faa0dbcf6626f9 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 26 Dec 2021 16:51:04 +0100 Subject: mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438 More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that. --- util/sasl/scram.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'util/sasl') diff --git a/util/sasl/scram.lua b/util/sasl/scram.lua index f11ae2e0..37abf4a4 100644 --- a/util/sasl/scram.lua +++ b/util/sasl/scram.lua @@ -41,7 +41,7 @@ Supported Channel Binding Backends 'tls-unique' according to RFC 5929 ]] -local default_i = 4096 +local default_i = 10000 local function validate_username(username, _nodeprep) -- check for forbidden char sequences -- cgit v1.2.3