Vuln general hash

From Atomicorp Wiki
Revision as of 14:46, 18 October 2013 by Scott (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

[edit] Operating System: Weak password hashing algorithm detected.

Weak MD5 algorithm detected for hashing passwords. Recommend implementing stronger SHA-256/512 hashing.

[edit] Next Steps

 authconfig --passalgo=sha512 --update

Note users will need to change their passwords in order to generate hashes using SHA-512, the above command cannot convert those accounts automatically. You can force users to change their password on next login:

 chage -d 0 userName

where userName is the name of the account to force the password change.

Personal tools