|
|
|
Password_Hash
In V13.1 onwards, allows setting the hash function used when generating new entries in the password database.
Set scaling factor using PASSWORD_HASH_DIFFICULTY.
Clients must support the hash algorithm configured by the server. Using PBKDF2 or ARGON2 requires the BouncyCastle third-party cryptography library for both JDBC and ADO.net.*
Options:
ORIGINAL - uses SHA2-512 hash scheme. This is the only supported option in V10-V13.0.3.
PBKDF2_SHA2_512 - uses PBKDF2(SHA2-512)
PBKDF2_SHA3_512 - uses PBKDF2(SHA3-512)
ARGON2_64MB - uses ARGON2id with 64MB RAM requirement
ARGON2_2GB - uses ARGON2id with 2GB RAM requirement
Defaults to ORIGINAL.
More information:
Changes to PASSWORD_HASH will only take effect when each user's password is next added or changed.
*NOTE: To use BouncyCastle with JDBC, either the main application must run:
Security.addProvider(new BouncyCastleProvider());
Or you can add it to your java runtime configuration:
conf/security/java.security
It will be resolved at runtime if the .jar is available:
security.provider.<n>=org.bouncycastle.jce.provider.BouncyCastleProvider
