You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by Apache Wiki <wi...@apache.org> on 2013/12/10 23:21:38 UTC

[Couchdb Wiki] Update of "Security_Features_Overview" by lancecarlson

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by lancecarlson:
https://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=41&rev2=42

  }}}
  NOTE: If you have openssl 1.0.0e or newer, the $SALT value includes a '(stdin)=' prefix. You should remove it and calculate password_sha with just the hex part.
  
+ Node JS
+ 
+ {{{
+ var crypto = require('crypto');
+ var password = 'coolbeans';
+ var salt = crypto.randomBytes(16).toString('hex');
+ var hash = crypto.createHash('sha1');
+ hash.update(password + salt);
+ var password_sha = hash.digest('hex');
+ }}}
+ 
  === pbkdf2 (v1.3.0 or newer) ===
  The default password hashing scheme in version 1.3.0 and newer is now [[http://en.wikipedia.org/wiki/PBKDF2|pbkdf2]] (replacing SHA1). By using a "slower" hash function along with an iterations parameter, dictionary attacks are now much more difficult to attempt (see issue [[https://issues.apache.org/jira/browse/COUCHDB-1060|COUCHDB-1060: CouchDB should use a secure password hash method instead of the current one]]). This adds a few new keys to user documents. Here's a sample user document with username "username" and password "password":
  {{{