The md5 method cannot be used with the db_user_namespace feature. Also, the MD5 hash algorithm is nowadays no longer considered secure against determined attacks. It prevents password sniffing and avoids storing passwords on the server in plain text but provides no protection if an attacker manages to steal the password hash from the server. The method md5 uses a custom less secure challenge-response mechanism. This is the most secure of the currently provided methods, but it is not supported by older client libraries. It is a challenge-response scheme that prevents password sniffing on untrusted connections and supports storing passwords on the server in a cryptographically hashed form that is thought to be secure. The method scram-sha-256 performs SCRAM-SHA-256 authentication, as described in RFC 7677.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |