[Openstack-security] [Bug 1668503] Re: sha512_crypt is insufficient, use pbkdf2_sha512 for password hashing
I also apologize if I didn't make it clear it was pbkdf still with
sha512, just that sha512_crypt (even pbkdf) is not sufficient for
applications (e.g. exposing your shadow file on linux *is* still a
compromise). The implication is that there is significantly more surface
area for Keystone to deal with than a system shadow file, therefore we
should be using bcrypt, scrypt, or at *least* pbkdf2 instead of
tl;dr I may have also missed on communicating sha512_crypt is pbkdf
rather than bare sha512 hashing.
sha512_crypt is insufficient, use pbkdf2_sha512 for password hashing
Status in OpenStack Identity (keystone):
Status in OpenStack Identity (keystone) mitaka series:
Status in OpenStack Identity (keystone) newton series:
Status in OpenStack Identity (keystone) ocata series:
Status in OpenStack Identity (keystone) pike series:
Status in OpenStack Security Advisory:
Status in OpenStack Security Notes:
Keystone uses sha512_crypt for password hashing. This is insufficient
and provides limited protection (even with 10,000 rounds) against
brute-forcing of the password hashes (especially with FPGAs and/or GPU
The correct mechanism is to use bcrypt, scrypt, or pbkdf2_sha512
instead of sha512_crypt.
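As an added illustration (not Keystone's own code, which hashes via passlib), a stdlib-only Python sketch of the pbkdf2_sha512 storage the report recommends, together with a needs_rehash check that flags legacy sha512_crypt ("$6$") hashes so a deployment can upgrade them at the user's next successful login without ever knowing the plaintext. The hash string layout and the round count are assumptions chosen for this example, not Keystone defaults.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Assumed work factor for this demo; tune to your hardware, not a Keystone value.
PBKDF2_ROUNDS = 200_000
SALT_BYTES = 16
SCHEME = "pbkdf2-sha512"


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def hash_password(password: str, rounds: int = PBKDF2_ROUNDS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing hash: $pbkdf2-sha512$<rounds>$<b64 salt>$<b64 digest>.

    The layout is constructed for this example, modelled on modular-crypt strings,
    so that rounds and salt travel with the digest and can be checked later.
    """
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)
    return f"${SCHEME}${rounds}${_b64(salt)}${_b64(digest)}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored parameters and compare in constant time."""
    try:
        _, scheme, rounds, salt_b64, digest_b64 = stored.split("$")
        if scheme != SCHEME:
            return False  # legacy or unknown scheme: never accept silently
        salt, expected, rounds = base64.b64decode(salt_b64), base64.b64decode(digest_b64), int(rounds)
    except ValueError:  # wrong field count, bad base64, or non-numeric rounds
        return False
    actual = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(actual, expected)


def needs_rehash(stored: str, min_rounds: int = PBKDF2_ROUNDS) -> bool:
    """True if the stored hash is sha512_crypt ("$6$") or uses fewer rounds than policy.

    Call this after a successful login and rehash with the plaintext you just verified;
    that is how a migration off sha512_crypt happens without a forced password reset.
    """
    if stored.startswith("$6$"):
        return True
    parts = stored.split("$")
    try:
        return len(parts) != 5 or parts[1] != SCHEME or int(parts[2]) < min_rounds
    except ValueError:
        return True
```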
This bug is marked as public security as bug #1543048 has already
highlighted this issue.