Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-2360

Add a stronger password authentication scheme (replace md5 with sha?)

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.7.7
    • Component/s: Security
    • Labels:
      None

      Description

      Add a stronger authentication scheme, ideally something certificate-based. The current protocol for password authentication using Md5 looks reversible via rainbow (not confirmed).

        Attachments

          Issue Links

          has to be done before

          Improvement - An improvement or enhancement to an existing feature or task. CSHARP-573 Change MD5 Hash for Machine Key to Something FIPS Compliant

          • Minor - P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is depended on by

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library

          • Major - P3 - Major loss of function.
          • Closed
          is related to

          New Feature - A new feature of the product, which has yet to be developed. SERVER-7596 Support SCRAM-SHA-1 SASL Mechanism

          • Major - P3 - Major loss of function.
          • Closed
          related to

          Task - A task that needs to be done. SERVER-9058 Use FIPS-140-2 Approved Pseudorandom Number Generator for SecureRandom

          • Major - P3 - Major loss of function.
          • Open

            Activity

              People

              • Votes:
                6 Vote for this issue
                Watchers:
                23 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: