Closed pbeckmannCE closed 7 months ago
Hi @pbeckmannCE.
I agree with your diagnostic, and a migration strategy for password hashes (to new algorithms or different salts) would be useful.
Particularly, I don't use local user accounts that much. Lately all the applications have AD integration, but if you make a PR I will accept it.
Thanks @olmobrutall we will discuss and schedule that.
I forgot to mention that pull request #604 is related to this issue.
Hi there, while analyzing our codebase with SonarQube, we found that we are still using SHA1 to hash our users' passwords. Therefore we want to migrate our Signum based applications to a more secure hash algorithm.
Upon further investigation I noted that we are already overriding Security.EncodePassword (see Security.cs) and the framework is still using MD5, which is broken and unsafe.
I think Signum requires a migration strategy for password hashes in general. The old hash algorithm should be used for login only. After login, the password should be rehashed with a new hash algorithm and the user entity should be saved. When an account is created or a password is reset, the new hash algorithm can be used directly. It would be great if both algorithms are overridable, like at the moment. This way developers using the Signum framework can decide when to migrate and from which algorithm to which.
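The login-time rehash strategy described in the issue, as an added example that is not Signum's own code and not the pull request's. It assumes the legacy scheme is "MD5 of the UTF-8 password, Base64-encoded" (the issue only says the framework still uses MD5, so the exact legacy encoding is an assumption), that the new scheme is PBKDF2-HMAC-SHA256 with a per-user random salt, and that both encoders are exposed as swappable delegates, mirroring the overridable Security.EncodePassword the issue mentions. The `User`, `PasswordMigration` and `Login` names are hypothetical. It targets .NET 6 or later.

```csharp
// Added example, not Signum code. Legacy MD5 encoding and the User type are assumptions.
using System;
using System.Security.Cryptography;
using System.Text;

public sealed class User
{
    public string UserName { get; init; } = "";
    public string PasswordHash { get; set; } = "";
}

public static class PasswordMigration
{
    const string NewPrefix = "$pbkdf2-sha256$";
    const int Iterations = 600_000;

    // Legacy encoder: what existing rows were written with. Used ONLY to verify old hashes.
    // Assumed format: Base64(MD5(UTF-8 password)).
    public static Func<string, string> LegacyEncode = p =>
        Convert.ToBase64String(MD5.HashData(Encoding.UTF8.GetBytes(p)));

    // New encoder: used for new accounts, password resets, and the rehash after a legacy login.
    // Output: $pbkdf2-sha256$<iterations>$<base64 salt>$<base64 derived key>
    public static Func<string, string> NewEncode = p =>
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        byte[] dk = Rfc2898DeriveBytes.Pbkdf2(p, salt, Iterations, HashAlgorithmName.SHA256, 32);
        return $"{NewPrefix}{Iterations}${Convert.ToBase64String(salt)}${Convert.ToBase64String(dk)}";
    };

    // A stored hash without the new prefix is treated as a legacy one.
    public static bool IsLegacy(string stored) =>
        !stored.StartsWith(NewPrefix, StringComparison.Ordinal);

    static bool VerifyNew(string password, string stored)
    {
        string[] parts = stored.Substring(NewPrefix.Length).Split('$');
        if (parts.Length != 3 || !int.TryParse(parts[0], out int iterations)) return false;
        byte[] salt = Convert.FromBase64String(parts[1]);
        byte[] expected = Convert.FromBase64String(parts[2]);
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations,
                                                  HashAlgorithmName.SHA256, expected.Length);
        return CryptographicOperations.FixedTimeEquals(actual, expected); // constant-time compare
    }

    static bool VerifyLegacy(string password, string stored)
    {
        byte[] a = Encoding.UTF8.GetBytes(LegacyEncode(password));
        byte[] b = Encoding.UTF8.GetBytes(stored);
        return CryptographicOperations.FixedTimeEquals(a, b); // false if lengths differ
    }

    // Returns true on success. `rehashed` is set when the stored hash was upgraded,
    // which is the caller's signal to save the user entity.
    public static bool Login(User user, string password, out bool rehashed)
    {
        rehashed = false;
        if (IsLegacy(user.PasswordHash))
        {
            if (!VerifyLegacy(password, user.PasswordHash)) return false;
            user.PasswordHash = NewEncode(password); // cleartext is available only at login
            rehashed = true;
            return true;
        }
        return VerifyNew(password, user.PasswordHash);
    }

    public static void Main()
    {
        // Constructed legacy row: a user whose hash was written by the old MD5 encoder.
        var user = new User { UserName = "alice", PasswordHash = LegacyEncode("correct horse") };
        Console.WriteLine(Login(user, "wrong", out _));                      // False, row untouched
        Console.WriteLine(Login(user, "correct horse", out bool upgraded));   // True, upgraded == True
        Console.WriteLine(IsLegacy(user.PasswordHash));                       // False: now PBKDF2
        Console.WriteLine(Login(user, "correct horse", out upgraded) && !upgraded); // True: no second rehash
    }
}
```

Two caveats a practitioner will want. First, the upgrade only happens for accounts that actually log in, so rows belonging to dormant users keep their MD5 hash indefinitely; pair the lazy rehash with a reporting query on `IsLegacy` and a forced reset after a deadline. Second, the legacy verifier deliberately compares the encoded strings in constant time rather than with `==`, and the new format carries its own iteration count so the parameters can be raised later without another migration.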