mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438

More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that.
2025-04-04 05:37:39 +03:00 · 2021-12-26 16:51:04 +01:00 · 2021-12-26 16:51:04 +01:00 · 4261dc1d80
commit 4261dc1d80
parent c122d673e6
3 changed files with 9 additions and 2 deletions
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@ -28,7 +28,7 @@ local get_auth_db = assert(scram_hashers[hash_name], "SCRAM-"..hash_name.." not
 local scram_name = "scram_"..hash_name:gsub("%-","_"):lower();

 -- Default; can be set per-user
-local default_iteration_count = module:get_option_number("default_iteration_count", 4096);
+local default_iteration_count = module:get_option_number("default_iteration_count", 10000);

 -- define auth provider
 local provider = {};