View Issue Details

IDProjectCategoryView StatusLast Update
0026085mantisbtauthenticationpublic2022-05-08 12:10
Reportervboctor Assigned Todregad  
PrioritynormalSeverityfeatureReproducibilityN/A
Status closedResolutionduplicate 
Product Version2.21.1 
Summary0026085: Support stronger authentication w/ schema changes
Description

We need to strengthen authentication hashing via the following improvements:

  1. Increase password field length.
  2. Add a per user salt field.
  3. Add a hash_iterations to count the number of times the password was hashed.
  4. Allow Password authentication boolean. To disable password authentication for bots or users using alternative methods, e.g. ldap, oauth, etc.

We can consider having these fields added separately, or having a credential type and credential json that is associated with the type. The type can be native or set by an authentication plugins.

Tagsschema

Relationships

duplicate of 0022839 assigneddregad Deprecate MD5 login method and replace with BCRYPT hash 

Activities

dregad

dregad

2022-04-27 13:49

developer   ~0066503

I'm closing this as duplicate, because this is pretty much covered by 0022839, except

Allow Password authentication boolean. To disable password authentication for bots or users using alternative methods, e.g. ldap, oauth, etc.

I don't really understand what you are trying to achieve with that; a more detailed specification would be needed.