authelia/docs/configuration/authentication
James Elliott 73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00
..
file.md [FIX] Hash Password Cmd Not Encoding Provided Salt (#999) 2020-05-14 15:55:03 +10:00
index.md [FEATURE] Disable Reset Password (#823) 2020-04-05 09:28:09 +10:00
ldap.md [FEATURE] Automatic Profile Refresh - LDAP (#912) 2020-05-04 21:39:25 +02:00