Details
Suggestion
Resolution: Fixed
Description
LdapSshaPasswordEncoder uses a site-wide salt value. This is enough to prevent cracking passwords with hashes from another instance, but a random salt would improve resistance to a site-wide attempt at password cracking, as well as hiding cases of password collision between users.
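The difference described above, as an added example (not code from LdapSshaPasswordEncoder or its project): it assumes the common LDAP `{SSHA}` layout, base64 of the SHA-1 digest of password plus salt followed by the salt, and shows that a site-wide salt leaves shared passwords visible as identical stored values while a per-password random salt does not. All function names, the salt value and the sample accounts are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed stand-in for a site-wide salt; not a value from any real deployment.
SITE_SALT = b"site-wide-salt"


def ssha_encode(password: str, salt: bytes) -> str:
    """Return '{SSHA}' + base64(SHA1(password || salt) || salt) (assumed layout)."""
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_encode_random(password: str, salt_len: int = 8) -> str:
    """Encode with a fresh salt from the OS CSPRNG for each stored password."""
    return ssha_encode(password, os.urandom(salt_len))


def ssha_verify(password: str, stored: str) -> bool:
    """Recover the salt from the stored value and recompute the digest."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:
        return False
    if len(raw) <= 20:  # SHA-1 digest is 20 bytes; anything after it is salt
        return False
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def colliding_users(table: dict) -> list:
    """Group users whose stored values are byte-identical (visible password reuse)."""
    by_hash = {}
    for user, stored in table.items():
        by_hash.setdefault(stored, []).append(user)
    return sorted(sorted(users) for users in by_hash.values() if len(users) > 1)


# Constructed sample accounts: alice and carol share a password.
PASSWORDS = {"alice": "correct horse", "bob": "tr0ub4dor", "carol": "correct horse"}
site_wide = {u: ssha_encode(p, SITE_SALT) for u, p in PASSWORDS.items()}
per_user = {u: ssha_encode_random(p) for u, p in PASSWORDS.items()}
```

Because the salt travels inside the stored value, `ssha_verify` needs no site configuration, so values written with the old site-wide salt and new random-salt values verify through the same path.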