codecov-commenter
commented
2 years ago Codecov Report
Merging #1149 (7fcdf3a) into v2-11-0 (71e5a18) will increase coverage by
0.01%. The diff coverage is100.00%.
@@ Coverage Diff @@
## v2-11-0 #1149 +/- ##
===========================================
+ Coverage 98.94% 98.96% +0.01%
===========================================
Files 96 99 +3
Lines 1712 1731 +19
Branches 404 410 +6
===========================================
+ Hits 1694 1713 +19
Misses 18 18 | Impacted Files | Coverage Δ | |
|---|---|---|
| .../core/src/core/routes/convert-error-to-response.ts | 100.00% <ø> (ø) |
|
| packages/core/src/index.ts | 0.00% <ø> (ø) |
|
| ...es/core/src/common/auth/passwords/hash-password.ts | 100.00% <100.00%> (ø) |
|
| packages/core/src/common/auth/passwords/index.ts | 100.00% <100.00%> (ø) |
|
| ...h/passwords/password-hash-needs-to-be-refreshed.ts | 100.00% <100.00%> (ø) |
|
| .../passwords/utils/decompose-pbkdf2-password-hash.ts | 100.00% <100.00%> (ø) |
|
| ...ages/core/src/common/auth/passwords/utils/index.ts | 100.00% <100.00%> (ø) |
|
| .../core/src/common/auth/passwords/verify-password.ts | 100.00% <100.00%> (ø) |
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.
Issue
Latest OWASP guidelines recommend to have a work factor for PBKDF2 of 310,000 iterations when HMAC-SHA256 hashing algorithm is used. The iterations in
hashPasswordthus must be increased.Source: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2
Solution and steps
passwordHashNeedsToBeRefreshed.passwordHashNeedsToBeRefreshedin a log in controller.Checklist