Difference between revisions of "Vuln general hash"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with " == Operating System: Weak password hashing algorithm detected. == Weak MD5 algorithm detected for hashing passwords. Recommend implementing stronger SHA-256/512 hashing. ...")
 
 
Line 13: Line 13:
  
  
Note users need to change their passwords in order to generate hashes using SHA-512. You can force users to change their password on next login:
+
Note users will need to change their passwords in order to generate hashes using SHA-512, the above command cannot convert those accounts automatically. You can force users to change their password on next login:
  
 
   chage -d 0 userName
 
   chage -d 0 userName
  
 
where userName is the name of the account to force the password change.
 
where userName is the name of the account to force the password change.

Latest revision as of 14:46, 18 October 2013

[edit] Operating System: Weak password hashing algorithm detected.

Weak MD5 algorithm detected for hashing passwords. Recommend implementing stronger SHA-256/512 hashing.


[edit] Next Steps

 authconfig --passalgo=sha512 --update


Note users will need to change their passwords in order to generate hashes using SHA-512, the above command cannot convert those accounts automatically. You can force users to change their password on next login:

 chage -d 0 userName

where userName is the name of the account to force the password change.

Personal tools