mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/admin/defn/org/opends/server/admin/std/SaltedMD5PasswordStorageSchemeConfiguration.xml
@@ -24,6 +24,7 @@ ! ! ! Copyright 2007-2008 Sun Microsystems, Inc. ! Portions Copyright 2011 ForgeRock AS ! --> <adm:managed-object name="salted-md5-password-storage-scheme" plural-name="salted-md5-password-storage-schemes" @@ -40,13 +41,13 @@ <adm:description> This scheme contains an implementation for the user password syntax, with a storage scheme name of "SMD5", and an implementation of the auth password syntax, with a storage scheme name of "MD5". Although the MD5 digest algorithm is relatively secure, recent cryptanalysis work has identified mechanisms for generating MD5 collisions. This does not impact the security of this algorithm as it is used in OpenDS, but it is recommended that the MD5 password storage scheme only be used if client applications require it for compatibility purposes, and that a stronger digest like SSHA or SSHA256 be used for environments in which auth password syntax, with a storage scheme name of "MD5". Although the MD5 digest algorithm is relatively secure, recent cryptanalysis work has identified mechanisms for generating MD5 collisions. This does not impact the security of this algorithm as it is used in <adm:product-name />, but it is recommended that the MD5 password storage scheme only be used if client applications require it for compatibility purposes, and that a stronger digest like SSHA or SSHA256 be used for environments in which MD5 support is not required. </adm:description> <adm:profile name="ldap">
