Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable24] Handle one time and large passwords #33407

Merged
merged 1 commit into from
Aug 3, 2022
Merged

[stable24] Handle one time and large passwords #33407

merged 1 commit into from
Aug 3, 2022

Conversation

CarlSchwan
Copy link
Member

This adds an option to disable storing passwords in the database. This
might be desirable when using single-use token as passwords or very
large passwords.

For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exception recommending admin to either enable the previously enabled
configuration or use smaller passwords.

@CarlSchwan
Handle one time and large passwords
f4795f6 
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.

This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
@CarlSchwan CarlSchwan added the 3. to review Waiting for reviews label Jul 29, 2022
@CarlSchwan CarlSchwan added this to the Nextcloud 24.0.4 milestone Jul 29, 2022
@CarlSchwan CarlSchwan requested a review from a team July 29, 2022 14:17
@CarlSchwan CarlSchwan self-assigned this Jul 29, 2022
@CarlSchwan CarlSchwan requested review from blizzz, skjnldsv and come-nc and removed request for a team July 29, 2022 14:17
@CarlSchwan
Copy link
Member Author

/backport to stable23

@CarlSchwan
Copy link
Member Author

/backport to stable22

@blizzz blizzz mentioned this pull request Aug 1, 2022
Merged
PVince81
PVince81 approved these changes Aug 3, 2022
View reviewed changes
Copy link
Member

@PVince81 PVince81 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@PVince81 PVince81 merged commit 3a3a52d into stable24 Aug 3, 2022
@PVince81 PVince81 deleted the backport/stable24/one-time-password branch August 3, 2022 07:07
This was referenced Aug 3, 2022
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blizzz blizzz blizzz approved these changes

@PVince81 PVince81 PVince81 approved these changes

@skjnldsv skjnldsv Awaiting requested review from skjnldsv

@come-nc come-nc Awaiting requested review from come-nc

Assignees

@CarlSchwan CarlSchwan

Labels
3. to review Waiting for reviews
Projects
None yet
Milestone
Nextcloud 24.0.4
Development

Successfully merging this pull request may close these issues.
3 participants
@CarlSchwan @PVince81 @blizzz