• Type: Bug
• Resolution: Obsolete
• Priority: Low
• Fix Version/s: None
• Affects Version/s: None
• Component/s: Backend / Domain Model
• Labels:

  None

1. 

   crowd_encryption.png

   5 kB

   26/Jun/2008 7:57 AM

[CWD-1137] Default to sha1 hashes rather than the infrequently implemented atlassian-sha1

Monique Khairuliana (Inactive) made changes - 15/Aug/2019 7:06 AM

Workflow	Original: Simplified Crowd Development Workflow v2 - restricted [ 1511035 ]	New: JAC Bug Workflow v3 [ 3365396 ]
Status	Original: Resolved [ 5 ]	New: Closed [ 6 ]

Owen made changes - 07/Jul/2016 6:19 AM

Workflow

Original: Simplified Crowd Development Workflow v2 [ 1393001 ]

New: Simplified Crowd Development Workflow v2 - restricted [ 1511035 ]

Owen made changes - 12/May/2016 2:52 AM

Workflow

Original: Crowd Development Workflow v2 [ 272890 ]

New: Simplified Crowd Development Workflow v2 [ 1393001 ]

Collapse comment: joe added a comment - 25/Feb/2014 1:05 AM

joe added a comment - 25/Feb/2014 1:05 AM

The install still ominously reads:

Please see CWD-3812 for clarification.

Expand comment: joe added a comment - 25/Feb/2014 1:05 AM

joe added a comment - 25/Feb/2014 1:05 AM The install still ominously reads: Please see CWD-3812 for clarification.

Collapse comment: prdonahue added a comment - 25/Feb/2014 12:52 AM

prdonahue added a comment - 25/Feb/2014 12:52 AM

Can you please elaborate on the fact that bcrypt is "a widely-supported option"?

The install still ominously reads:

"For compatibility between Atlassian products you must use ATLASSIAN-SECURITY."

I really would prefer to use bcrypt, but it's more than a bit unclear which incompatibilities I would encounter?

Expand comment: prdonahue added a comment - 25/Feb/2014 12:52 AM

prdonahue added a comment - 25/Feb/2014 12:52 AM Can you please elaborate on the fact that bcrypt is "a widely-supported option"? The install still ominously reads: "For compatibility between Atlassian products you must use ATLASSIAN-SECURITY." I really would prefer to use bcrypt, but it's more than a bit unclear which incompatibilities I would encounter?

joe made changes - 18/Jun/2013 5:36 PM

Resolution		New: Obsolete [ 11 ]
Status	Original: Open [ 1 ]	New: Resolved [ 5 ]

Collapse comment: joe added a comment - 18/Jun/2013 5:35 PM

joe added a comment - 18/Jun/2013 5:35 PM

As of 2.1.0, the default is Atlassian-Security (PKCS5S2, with random salt), so I'm closing this as obsolete. We also support bcrypt (CWD-2810) as a widely-supported option, but there are no plans to make it the default.

Expand comment: joe added a comment - 18/Jun/2013 5:35 PM

joe added a comment - 18/Jun/2013 5:35 PM As of 2.1.0, the default is Atlassian-Security (PKCS5S2, with random salt), so I'm closing this as obsolete. We also support bcrypt ( CWD-2810 ) as a widely-supported option, but there are no plans to make it the default.

joe made changes - 30/Jan/2012 4:10 AM

Assignee

Original: David O'Flynn [Atlassian] [ doflynn ]

jawong.adm made changes - 15/Dec/2010 10:49 PM

Workflow

Original: JIRA Bug Workflow v2 [ 173552 ]

New: Crowd Development Workflow v2 [ 272890 ]

Collapse comment: Bastian Schumacher added a comment - 12/Nov/2010 2:31 PM

Bastian Schumacher added a comment - 12/Nov/2010 2:31 PM

Hello Brendan,

I'm sorry to tell you, that we got it never implemented. It had taken to much time, so I exported the users from the database (mysql), generated new passwords and imported them over the crowd importer. It has only affected about 30 people, so it wasn't such a big problem in our case.

Expand comment: Bastian Schumacher added a comment - 12/Nov/2010 2:31 PM

Bastian Schumacher added a comment - 12/Nov/2010 2:31 PM Hello Brendan, I'm sorry to tell you, that we got it never implemented. It had taken to much time, so I exported the users from the database (mysql), generated new passwords and imported them over the crowd importer. It has only affected about 30 people, so it wasn't such a big problem in our case.

Load more older events