processone / ejabberd

Robust, Ubiquitous and Massively Scalable Messaging Platform (XMPP, MQTT, SIP Server)
https://www.process-one.net/en/ejabberd/

Make Scram password storage the default in default config files #4107

Open mremond opened 8 months ago

mremond commented 8 months ago

All modern clients should now support SCRAM. We can consider that SCRAM password storage should be added to the default config file.

licaon-kter commented 8 months ago

Modern clients like Monal support SCRAM only if SASL2 is supported, will this be added too?

weiss commented 8 months ago

You can actually offer SASL PLAIN login with scram-hashed password storage. I think the reason we stuck to plain-text passwords was just that SIP and (traditional) TURN authentication requires those.
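
Why PLAIN login still works against SCRAM-hashed storage, as an added example that is not part of the thread and not ejabberd's code. The record layout follows RFC 5802; the function names, the sample account and the omission of SASLprep normalization are assumptions of this sketch.

```python
import hashlib
import hmac
import os


def scram_record(password, salt=None, iterations=4096, hash_name="sha256"):
    """Derive what the server stores under RFC 5802 instead of the password."""
    salt = salt or os.urandom(16)
    # SaltedPassword = Hi(password, salt, i), i.e. PBKDF2 with HMAC
    salted = hashlib.pbkdf2_hmac(hash_name, password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hash_name).digest()
    return {
        "hash": hash_name,
        "salt": salt,
        "iterations": iterations,
        "stored_key": hashlib.new(hash_name, client_key).digest(),
        "server_key": hmac.new(salted, b"Server Key", hash_name).digest(),
    }


def verify_plain(record, password):
    """SASL PLAIN hands the server the cleartext password, so the server can
    repeat the derivation with the stored salt and compare StoredKey."""
    salted = hashlib.pbkdf2_hmac(
        record["hash"], password.encode(), record["salt"], record["iterations"]
    )
    client_key = hmac.new(salted, b"Client Key", record["hash"]).digest()
    candidate = hashlib.new(record["hash"], client_key).digest()
    return hmac.compare_digest(candidate, record["stored_key"])


def digest_ha1(user, realm, password):
    """MD5(user:realm:password), the secret behind digest authentication in
    SIP and TURN long-term credentials. It needs the password (or this hash)
    on the server and cannot be computed from StoredKey or ServerKey."""
    return hashlib.md5(f"{user}:{realm}:{password}".encode()).hexdigest()


if __name__ == "__main__":
    # Constructed sample account, not taken from the thread.
    rec = scram_record("correct horse", salt=b"constructed-salt")
    print("stored fields:", sorted(rec))
    print("PLAIN, right password:", verify_plain(rec, "correct horse"))
    print("PLAIN, wrong password:", verify_plain(rec, "wrong horse"))
    print("digest HA1 needs cleartext:",
          digest_ha1("alice", "example.org", "correct horse"))
```
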

Neustradamus commented 8 months ago

@aamelnikov has always told me that the original SCRAM RFC is for SIP too.