#12365: password generation must be more secured
---------------------------+---------------------------------------
Reporter: eanyx | Owner: nobody
Type: enhancement | Status: new
Priority: critical | Milestone: Unscheduled
Component: System | Version: R1/Development
Resolution: | Keywords: hash password /etc/shadow
Blocked By: | Blocking:
Has a Patch: 1 | Platform: All
---------------------------+---------------------------------------
Comment (by i80and):
Updated!
* More style tweaks! I changed N_log2 to NLog2 rather than nLog2, because
it's referring to the scrypt parameter `N`. I think changing the case of
the parameter name would make things muddier. But of course, I'll change
that if required.
* Thanks for the help with the unit test system! :D It seems to work!
Regarding the scrypt website blurb --- you can customize scrypt to take
different amounts of time and memory. The parameter `N=14` is recommended
for interactive systems, which shouldn't take longer than 250ms even on
older hardware. But for things like FDE or file archival encryption, you
would crank up `N` and you might well get up to 5 seconds.
--
Ticket URL: <https://dev.haiku-os.org/ticket/12365#comment:11>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.