mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

opaque: Lower the compute cost

Browse Source 
This reduces the time to validate a password, at a minor cost of
security (makes bruteforcing the DB easier, but still really hard).

Note: this invalidates all current passwords. It is recommended to
delete the admin user directly in sqlite:

$ sqlite3 users.db
> DELETE from users WHERE user_id = "admin";

It will be recreated with the reset password when restarting the server.
The admin can then reset other users' passwords.
This commit is contained in:
Valentin Tolmer 2021-10-11 20:09:34 +02:00 committed by nitnelave
parent 263fd44156
commit 73a39fecf0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
auth/src/opaque.rs
View File

@ -27,7 +27,7 @@ impl ArgonHasher {
mem_cost: 50 * 1024, // 50 MB, in KB mem_cost: 50 * 1024, // 50 MB, in KB
secret: &[], secret: &[],
thread_mode: argon2::ThreadMode::Sequential, thread_mode: argon2::ThreadMode::Sequential,
time_cost: 5, time_cost: 1,
variant: argon2::Variant::Argon2id, variant: argon2::Variant::Argon2id,
version: argon2::Version::Version13, version: argon2::Version::Version13,
}; };