diff options
author | Yorhel <git@yorhel.nl> | 2015-11-01 10:37:56 +0100 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2015-11-01 10:38:43 +0100 |
commit | 3de8d24697511fe324cae2526eb65d6aafb5968b (patch) | |
tree | b34f6a3b91352d9f753d9d3e3ae0e1a93acc758c /util | |
parent | 4b1807a58912ff0b4542063071e072ccf53fd1bd (diff) |
Removed support for sha256-hashed passwords
They had to be deleted from the database at some point, otherwise we
still have thousands of easily-cracked password hashes in the database.
Note that I could have opted to use scrypt on top of the sha256 hashes
so the passwords would remain secure without needing to reset
everything, but doing that after one year of switching to scrypt is
likely not worth it. Everyone who still actively uses his account has
already been converted to scrypt, everyone else should just reset their
password whevener they decide to come back.
Diffstat (limited to 'util')
-rw-r--r-- | util/sql/schema.sql | 3 | ||||
-rw-r--r-- | util/updates/update_2.26.sql | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/util/sql/schema.sql b/util/sql/schema.sql index 9f78cf51..ffc20cc2 100644 --- a/util/sql/schema.sql +++ b/util/sql/schema.sql @@ -551,9 +551,6 @@ CREATE TABLE users ( -- First 9 bytes: salt (ASCII) -- Latter 20 bytes: sha1(hex(token) + salt) -- 'token' is a sha1 digest obtained from random data. - -- * 41 bytes: sha256 password - -- First 9 bytes: salt (ASCII) - -- Latter 32 bytes: sha256(global_salt + password + salt) -- * 46 bytes: scrypt password -- 4 bytes: N (big endian) -- 1 byte: r diff --git a/util/updates/update_2.26.sql b/util/updates/update_2.26.sql index 5d1c403f..04534b98 100644 --- a/util/updates/update_2.26.sql +++ b/util/updates/update_2.26.sql @@ -1,2 +1,5 @@ -- No more 'staffedit' permission flag UPDATE users SET perm = (perm & ~8); + +-- Removed support for sha256-hashed passwords +UPDATE users SET passwd = '' WHERE length(passwd) = 41; |