Feature changed by: Stephan Kulow (coolo) Feature #308966, revision 2 Title: Change default passwd hash algorithm to sha512 - openSUSE-11.3: Unconfirmed + openSUSE-11.3: Rejected by (coolo) + reject date: 2010-02-09 15:10:16 + reject reason: too dangerous to break Priority Requester: Important Requested by: Stephan Kleine (bitshuffler) Partner organization: openSUSE.org Description: Change the default hashing algorithm that gets used by passwd and friends to something more secure than md5 in /etc/default/passwd (preferable sha512). Also please do this ASAP since we are early enough in the development cycle so any unexpected side effects get discovered and fixed before release. Business case (Partner benefit): openSUSE.org: The reason behind this change is that nowadays md5 simply isn't secure anymore. + Discussion: + #1: Stephan Kulow (coolo) (2010-02-09 15:13:08) + I'm not sure you understand where the md5 is used. md5 is simply the + fallback for external services and I'm not sure you can guarantee all + external password directories support sha512 -- openSUSE Feature: https://features.opensuse.org/308966