You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by GitBox <gi...@apache.org> on 2020/11/19 15:56:55 UTC

[GitHub] [accumulo] ctubbsii edited a comment on issue #1788: Ability to update password hash

ctubbsii edited a comment on issue #1788:
URL: https://github.com/apache/accumulo/issues/1788#issuecomment-730468559


   > The crypt hash results has very rigid format with fixed id and salt length (if the default salt is used) so recognizing a crypt hash is very easy. Theoretically I think an overlap with the old hash format is possible but highly unlikely.
   
   I initially came to the same conclusion. However, the length of our current salt + sha-256 hash should be 40 bytes, exactly, and it's not possible for any of the algorithms supported by commons-codec to produce an encrypted String of that length. So, if we check the length, we can guarantee no overlap.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org