mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-08 22:22:39 +00:00
feat(crypto): support md5 plain for imported password hashes (#8189)
# Which Problems Are Solved
Allow verification of imported passwords hashed with plain md5, without
salt. These are password digests typically created by one of:
- `printf "password" | md5sum` on most linux systems.
- PHP's `md5("password")`
- Python3's `hashlib.md5(b"password").hexdigest()`
# How the Problems Are Solved
- Upgrade passwap to
[v0.6.0](https://github.com/zitadel/passwap/releases/tag/v0.6.0)
- Add md5plain as a new verfier option in `defaults.yaml`
# Additional Changes
- Updated documentation to explain difference between `md5` (crypt) and
`md5plain` verifiers.
# Additional Context
- Requested by customer for import case
This commit is contained in:
Tim Möhlmann
@@ -68,7 +68,8 @@ The following hash algorithms are supported:
|
||||
|
||||
- argon2i / id[^1]
|
||||
- bcrypt (Default)
|
||||
- md5[^2]
|
||||
- md5: implementation of md5Crypt with salt and password shuffling [^2]
|
||||
- md5plain: md5 digest of a password without salt [^2]
|
||||
- scrypt
|
||||
- pbkdf2
|
||||
|
||||
|
||||
Reference in New Issue
Block a user