saltyming/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-06-25 20:23:30 +00:00
Code Activity

Update KDF Configuration and processing

Browse source 
- Change default Password Hash KDF Storage from 100_000 to 600_000 iterations
- Update Password Hash when the default iteration value is different
- Validate password_iterations
- Validate client-side KDF to prevent it from being set lower than 100_000
This commit is contained in:
BlackDex 2023-01-24 13:06:31 +01:00
parent 9b7e86efc2
commit 2d8c8e18f7
No known key found for this signature in database
GPG key ID: 58C80A2AA6C765E1
6 changed files with 35 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.env.template
View file

@ -298,9 +298,9 @@
## This setting applies globally to all users.
# INCOMPLETE_2FA_TIME_LIMIT=3
## Controls the PBBKDF password iterations to apply on the server
## The change only applies when the password is changed
# PASSWORD_ITERATIONS=100000
## Number of server-side passwords hashing iterations for the password hash.
## The default for new users. If changed, it will be updated during login for existing users.
# PASSWORD_ITERATIONS=350000
## Controls whether users can set password hints. This setting applies globally to all users.
# PASSWORD_HINTS_ALLOWED=true