Is there a standard password encryption for ldap servers (SSHA1)?
|
Matt Kohanek
Village Idiot
Ranch Hand
Joined: Apr 04, 2009
Posts: 469
|
|
I am just wondering if there is a standard encryption algorithm for LDAP servers. We are storing passwords in a database, and looking to upgrade security procedures. I am just doing preliminary research.
We are thinking SSHA encryption is our best option. Is there anything I might consider before going this route?
From what I have read, most people seem to agree that SSHA is close to if not the most secure option here.
Any recommended reading for someone without much LDAP or encryption experience?
|
True wisdom is in knowing you know nothing - Socrates
|
 |
Arshad Noor
Ranch Hand
Joined: Oct 06, 2011
Posts: 33
|
|
All LDAP Directory Servers (that I've worked with) use a message-digest for storing the password of a user. The algorithms for the digest vary, but a good one to use today would be the Secure Hash Algorithm (SHA) -256, -384 or -512 (collectively known as the SHA-2 family).
Take a look at the source code of StrongKey CryptoEngine; it has code necessary to authenticate a user against Active Directory or OpenDS (an open-source Java-based Directory Server). But, the code can potentially work against any LDAP Directory Server.
Hope that helps.
Arshad Noor
StrongAuth, Inc.
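
An added example, not part of the original posts and not code from StrongKey CryptoEngine: how a salted-digest `userPassword` value of the `{SSHA}` kind discussed in this thread is built and checked, extended to the SHA-2 family recommended above. The function names `hash_password` and `verify_password` are hypothetical, and the `{SSHA256}`/`{SSHA384}`/`{SSHA512}` scheme tags are assumed to be enabled on the directory server in use.

```python
import base64
import hashlib
import hmac
import os

# Scheme prefix -> hashlib algorithm. {SSHA} is salted SHA-1; the SHA-2
# variants are assumed to be supported by the directory server in use.
SCHEMES = {
    "{SSHA}": "sha1",
    "{SSHA256}": "sha256",
    "{SSHA384}": "sha384",
    "{SSHA512}": "sha512",
}


def hash_password(password, scheme="{SSHA512}", salt=None):
    """Return scheme + base64(digest(password + salt) + salt)."""
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme: " + scheme)
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for every password
    digest = hashlib.new(SCHEMES[scheme], password.encode("utf-8") + salt).digest()
    return scheme + base64.b64encode(digest + salt).decode("ascii")


def verify_password(password, stored):
    """Check a candidate password against a stored salted-digest value."""
    end = stored.find("}")
    scheme, blob = stored[: end + 1].upper(), stored[end + 1 :]
    if scheme not in SCHEMES:
        return False
    try:
        raw = base64.b64decode(blob, validate=True)
    except ValueError:  # malformed base64
        return False
    size = hashlib.new(SCHEMES[scheme]).digest_size
    if len(raw) <= size:  # no salt appended: reject rather than guess
        return False
    digest, salt = raw[:size], raw[size:]  # the salt is everything after the digest
    candidate = hashlib.new(SCHEMES[scheme], password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


if __name__ == "__main__":
    value = hash_password("correct horse")  # constructed sample password
    print(value)
    print(verify_password("correct horse", value), verify_password("wrong", value))
```

The per-password salt makes identical passwords store as different values, but each guess against a stored value still costs only one hash computation.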