Gentoo Archives: gentoo-dev

From: Mike Gilbert <floppym@g.o>
To: Gentoo Dev <gentoo-dev@l.g.o>
Subject: Re: [gentoo-dev] Switching default password hashes from sha512 to yescrypt
Date: Sun, 24 Jul 2022 00:55:33
Message-Id: CAJ0EP42zSbLvMUB61F-V2pmxdRLx9XX3A+g1ha_CBSgvLw6=eA@mail.gmail.com
In Reply to: [gentoo-dev] Switching default password hashes from sha512 to yescrypt by Mikhail Koliada
1 On Fri, Jul 22, 2022 at 3:10 PM Mikhail Koliada <zlogene@g.o> wrote:
2 >
3 > Hello!
4 >
5 >
6 >
7 > This idea has been fluctuating in my head for quite a while given that the migration had happened
8 >
9 > a while ago [0] and some other major distributions have already adopted yescrypt as their default algo
10 >
11 > by now [1]. For us switching is as easy as changing the default use flag in pambase and rehashing the password
12 >
13 > with the ‘passwd’ call (a news item will be required).
14 >
15 >
16 >
17 > What do you think?
18
19 Seems like a reasonable idea to me.

Replies