Loading...

XML

Word

Printable

Type: Change Request
Resolution: Fixed
Priority: Major
Fix Version/s: 5.0.0alpha1, 5.0 (plan)
Affects Version/s: 2.0.8, 5.0.0alpha1, 5.0 (plan)
Component/s: API (A), Frontend (F)
Labels:

Sprint:
Sprint 58 (Nov 2019), Sprint 59 (Dec 2019), Sprint 60 (Jan 2020)
Story Points:
2

Currently MD5 algorithm is used for hashing user passwords.

Since MD5 "should be considered cryptographically broken and unsuitable for further use" I would like to encourage to use "strong cryptography" for hashing frontend passwords.
See NIST Special Publication 800-57 (http://csrc.nist.gov/publications/) for more information.

is duplicated by

ZBX-9881 Insecure password storage (unsalted hash)

Closed

ZBX-16551 Zabbix stores user passwords as MD5 hashes

Closed

ZBX-9871 Migrate DB Password hashing to SHA256

Closed

ZBX-15922 user passwords are in MD5 (in SQL)

Closed

ZBX-17202 Error on User Create

Closed

mentioned in: Page Loading...

(1 mentioned in)

Assignee:: Vasily Goncharenko (Inactive)

Reporter:: Marc

Team:: Team D

Votes:: 19 Vote for this issue

Watchers:: 19 Start watching this issue

Created:: 2013 Sep 10 00:37

Updated:: 2024 Apr 10 16:20

Resolved:: 2020 Jan 15 22:03

Details

Description

Attachments

Issue Links

Activity

People

Dates