Il 08/01/20 03:05, Quanah Gibson-Mount ha scritto:
In any case, I've been advocating for several years now to get rid of
SSHA as the default hashing mechanism and replace it with something that
may actually have some security value.
But in the current version it better to use the contrib module, or
delegate the hashing to the C library? I'm currently using on new install:
password-hash {CRYPT}
password-crypt-salt-format "$6$%.16s"
but I'm using only Linux, I don't know if this is applicable on other OS.