From 751894339d27882b3c647661d0ee912aa802065b Mon Sep 17 00:00:00 2001
From: Yorhel
Date: Wed, 15 Oct 2014 14:52:00 +0200
Subject: scrypt: Lower default N to 65536

Completely disregard my comments regarding DoS in commit 6e0a0e1d00e11da9b4eab2163e19314f752b05b5 - successful logins aren't throttled at all. The other reason for lowering this value is because the API requires a login for each new TCP session, and it doesn't seem like many (any?) applications keep the TCP session alive for very long. Still, 65536 is more secure than the default of 16384.
---
 data/global.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/global.pl b/data/global.pl
index 477574c8..0e3dad3f 100644
--- a/data/global.pl
+++ b/data/global.pl
@@ -25,7 +25,7 @@ our %S = (%S,
 skin_default => 'angel',
 global_salt => 'any-private-string-here',
 form_salt => 'a-different-private-string-here',
- scrypt_args => [ 131072, 8, 1 ], # N, r, p
+ scrypt_args => [ 65536, 8, 1 ], # N, r, p
 scrypt_salt => 'another-random-string',
 regen_static => 0,
 source_url => 'http://git.blicky.net/vndb.git/?h=master',
-- 
cgit v1.2.3
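Review bot: The new `scrypt_args` line still carries only `# N, r, p`, so someone overriding this default cannot see the cost trade-off that the commit message explains. With r=8, scrypt needs roughly 128·N·r bytes, about 64 MiB per hash at N=65536, and the message says successful logins are unthrottled and the API logs in once per TCP session, so concurrent logins multiply that memory. I would extend the comment to something like `# N, r, p -- ~64 MiB (128*N*r) and one full scrypt run per login; N must be a power of two`. It is also worth confirming that stored hashes record the N they were created with, since this file does not show whether changing the default affects verification of existing passwords. The `%S` assignment begins and ends outside the hunk.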