From: Gustaf N. <ne...@wu...> - 2023-03-20 11:03:39
Dear all,

For all security-hungry NaviServer users: NaviServer now supports Argon2, which is currently the best known password hashing function (well, more than this, it is a key derivation algorithm). For details, see [1]. It may still take some time until OpenSSL 3.2 is available in the main Linux distributions.

With this change, NaviServer provides direct support for the two most recommended password hashing algorithms of the OWASP project [2], namely Argon2 and scrypt, along with SCRAM-sha-256 (actually PBKDF2), which is the most secure algorithm implemented in PostgreSQL.

All the best
-g

[1] https://bitbucket.org/naviserver/naviserver/commits/4d634d54b77d1ce6b61f07944871f3dcf1a330a5
[2] https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#password-hashing-algorithms