Re: wiki.debian.org password reset
Hi,
On 7/01/2013 1:42 PM, Luca Filipozzi wrote:
> On Mon, Jan 07, 2013 at 02:28:20AM +0000, Luca Filipozzi wrote:
>> On Mon, Jan 07, 2013 at 12:57:38PM +1100, Andrew McGlashan wrote:
>>> What I want to know is the following....
>>>
>>> Do you perform hardening practices such as described at this page:
>>>
>>> http://crackstation.net/hashing-security.htm
>
> Having looked at Google's cached version of that page...
;)
It worked last time I checked, but I too get the broken page now :(
> moin 1.9.x uses SSHA (salted SHA1):
>
> http://moinmo.in/MoinMoin2.0/SecurePasswordStorage
>
> It is understood that SHA1 is outdated.
Okay, but SHA1 with key stretching would be better in the short term.
> We've begun a discussion regarding using a newer hash algorithm and possibly a
> key stretching algorithm.
>
>> Please consider adding debian-www@lists.debian.org and/or
>> debian-admin@debian.org to the thread if/when you reply.
>
> I've done this.
Thank you, I've done a reply all now.
Cheers
A.
Reply to: