Cv-Keep / cvkeep-backend

Cv Keep back end official repository
https://cvkeep.com

New Password Cryptography Strategy #8

Open felippe-regazio opened 2 years ago

felippe-regazio commented 2 years ago

Passwords are saved with MD5+Salt. That's... meh... ok. But there are more robust solutions like bcrypt or argon2. Consider adding a new encryption strategy for passwords.

Stages:

  1. Add a new key "encryption" to the credentials model that tells which encryption algorithm to use
  2. Based on the encryption key decide which strategy to use when enc/dec passwords
  3. Must study and validate new alternatives for enc/dec

rgsilva commented 2 years ago

You probably already know this (based on the fact you're using md5+salt), but I got the chills when I read the "/dec passwords" part 😂: you shouldn't be able to decrypt user passwords.