View Issue Details

IDProjectCategoryView StatusLast Update
0026085mantisbtauthenticationpublic2019-08-26 08:51
Reportervboctor Assigned To 
PrioritynormalSeverityfeatureReproducibilityN/A
Status newResolutionopen 
Product Version2.21.1 
Summary0026085: Support stronger authentication w/ schema changes
Description

We need to strengthen authentication hashing via the following improvements:

  1. Increase password field length.
  2. Add a per user salt field.
  3. Add a hash_iterations to count the number of times the password was hashed.
  4. Allow Password authentication boolean. To disable password authentication for bots or users using alternative methods, e.g. ldap, oauth, etc.

We can consider having these fields added separately, or having a credential type and credential json that is associated with the type. The type can be native or set by an authentication plugins.

Tagsschema

Relationships

related to 0022839 assigneddregad Deprecate MD5 login method and replace with BCRYPT hash 

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-08-26 02:21 vboctor New Issue
2019-08-26 02:21 vboctor Tag Attached: schema
2019-08-26 02:22 vboctor Relationship added related to 0022839