Default password hash
RW
rwmaillists at googlemail.com
Fri Jun 8 16:47:14 UTC 2012
On Fri, 08 Jun 2012 14:51:55 +0200
Dag-Erling Smørgrav wrote:
> We still have MD5 as our default password hash, even though known-hash
> attacks against MD5 are relatively easy these days.
Are any of those attacks relevant to salted passwords even with a
single MD5 hash, let alone FreeBSD's complicated iterative algorithm?
> We've supported SHA256 and SHA512 for many years now, so how about
> making SHA512 the default instead of MD5, like on most Linux
> distributions?
I think the most important consideration is which is most resistant to
brute force dictionary attack with GPUs. From a quick look at the code
SHA512 looks to have 5000 rounds compared to MD5's 1000, but it's not
so easy to compare with Blowfish.
More information about the freebsd-security
mailing list