openziti / zrok

Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.
https://zrok.io
Apache License 2.0

Salted Argon2 Passwords #156

Closed michaelquigley closed 1 year ago

michaelquigley commented 1 year ago

Improve the password storage by incorporating a salt, and use the argon2 hashing function.

This will break existing users' ability to log in. Existing users will need to go through the forgot password (#65) workflow to re-establish a working password after this change.

Thanks to @andrewpmartinez for the guidance.

michaelquigley commented 1 year ago

Existing example from the Ziti Edge:

https://github.com/openziti/edge/blob/main/crypto/hash.go