Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-2360

Add a stronger password authentication scheme (replace md5 with sha?)

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed
    • Minor - P4
    • Resolution: Fixed
    • None
    • 2.7.7
    • Security
    • None

    Description

      Add a stronger authentication scheme, ideally something certificate-based. The current protocol for password authentication using Md5 looks reversible via rainbow (not confirmed).

      Attachments

        Issue Links

          has to be done before

          Improvement - An improvement or enhancement to an existing feature or task. CSHARP-573 Change MD5 Hash for Machine Key to Something FIPS Compliant

          • Minor - P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is depended on by

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library

          • Major - P3 - Major loss of function.
          • Closed
          is related to

          New Feature - A new feature of the product, which has yet to be developed. SERVER-7596 Support SCRAM-SHA-1 SASL Mechanism

          • Major - P3 - Major loss of function.
          • Closed
          related to

          Task - A task that needs to be done. SERVER-9058 Use FIPS-140-2 Approved Pseudorandom Number Generator for SecureRandom

          • Major - P3 - Major loss of function.
          • Backlog

          Activity

            People

              andreas.nilsson Andreas Nilsson
              dblock Daniel Doubrovkine
              Votes:
              6 Vote for this issue
              Watchers:
              23 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: