signumsoftware / framework

Open Source framework for writing data-centric applications using the latest versions of .Net Core, C# (not-nullable), ASP.NET Web API, Typescript (strict), React, D3 and Sql Server or PostgreSQL
https://www.signumsoftware.com/en/Framework
MIT License
221 stars, 84 forks

Improve password security #601

Closed pbeckmannCE closed 7 months ago

pbeckmannCE commented 1 year ago

Hi there, while analyzing our codebase with SonarQube, we found that we are still using SHA1 to hash our users' passwords. Therefore we want to migrate our Signum-based applications to a more secure hash algorithm.

Upon further investigation I noted that we are already overriding Security.EncodePassword (see Security.cs) and the framework is still using MD5, which is broken and unsafe.

I think Signum requires a migration strategy for password hashes in general. The old hash algorithm should be used for login only. After login, the password should be rehashed with a new hash algorithm and the user entity should be saved. When an account is created or a password is reset, the new hash algorithm can be used directly. It would be great if both algorithms are overridable, like at the moment. This way developers using the Signum framework can decide when to migrate and from which algorithm to which.
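The rehash-on-login migration proposed in the comment above, as an added example that is not part of the original thread or Signum's own code. The class and method names, the stored-record format and the PBKDF2 parameters are assumptions, and the legacy scheme is taken to be unsalted SHA1 stored as hex.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical names throughout; this is not Signum's Security class or user entity.
public static class PasswordMigration
{
    const int Iterations = 600_000;          // assumed work factor; tune for your hardware
    const string Prefix = "pbkdf2-sha256";   // assumed marker for upgraded records

    // Legacy scheme being migrated away from (unsalted SHA1, hex-encoded).
    static string LegacyHash(string password) =>
        Convert.ToHexString(SHA1.HashData(Encoding.UTF8.GetBytes(password)));

    // New scheme: a self-describing record, so parameters can be raised later.
    public static string NewHash(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        byte[] key = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 32);
        return $"{Prefix}${Iterations}${Convert.ToBase64String(salt)}${Convert.ToBase64String(key)}";
    }

    static bool VerifyNew(string password, string stored)
    {
        string[] p = stored.Split('$');
        if (p.Length != 4 || !int.TryParse(p[1], out int iter) || iter <= 0) return false;
        byte[] salt = Convert.FromBase64String(p[2]);
        byte[] expected = Convert.FromBase64String(p[3]);
        if (expected.Length == 0) return false;
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(password, salt, iter, HashAlgorithmName.SHA256, expected.Length);
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }

    // Returns true on a successful login. upgradedHash is non-null only when the
    // stored value was a legacy hash and the caller should save the replacement.
    public static bool Login(string password, string stored, out string? upgradedHash)
    {
        upgradedHash = null;
        if (stored.StartsWith(Prefix + "$", StringComparison.Ordinal))
            return VerifyNew(password, stored);

        bool ok = CryptographicOperations.FixedTimeEquals(
            Encoding.ASCII.GetBytes(LegacyHash(password)),
            Encoding.ASCII.GetBytes(stored.ToUpperInvariant()));
        if (ok) upgradedHash = NewHash(password);   // rehash only after the old check passes
        return ok;
    }
}
```

Account creation and password reset would call `NewHash` directly, and accounts that never log in keep their legacy hash until they do or until their password is reset.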

olmobrutall commented 1 year ago

Hi @pbeckmannCE.

I agree with your diagnosis, and a migration strategy for password hashes to be algorithms or different salts would be useful.

Particularly, I don’t use local user accounts that much. Lately all the applications have AD integration, but if you make a PR I will accept it.

pbeckmannCE commented 1 year ago

Thanks @olmobrutall, we will discuss and schedule that.

pbeckmannCE commented 1 year ago

I forgot to mention that pull request #604 is related to this issue.