Difference between revisions of "Vuln general hash"
From Atomicorp Wiki
(Created page with " == Operating System: Weak password hashing algorithm detected. == Weak MD5 algorithm detected for hashing passwords. Recommend implementing stronger SHA-256/512 hashing. ...") |
|||
Line 13: | Line 13: | ||
− | Note users need to change their passwords in order to generate hashes using SHA-512. You can force users to change their password on next login: | + | Note users will need to change their passwords in order to generate hashes using SHA-512, the above command cannot convert those accounts automatically. You can force users to change their password on next login: |
chage -d 0 userName | chage -d 0 userName | ||
where userName is the name of the account to force the password change. | where userName is the name of the account to force the password change. |
Latest revision as of 13:46, 18 October 2013
[edit] Operating System: Weak password hashing algorithm detected.
Weak MD5 algorithm detected for hashing passwords. Recommend implementing stronger SHA-256/512 hashing.
[edit] Next Steps
authconfig --passalgo=sha512 --update
Note users will need to change their passwords in order to generate hashes using SHA-512, the above command cannot convert those accounts automatically. You can force users to change their password on next login:
chage -d 0 userName
where userName is the name of the account to force the password change.