Skip to content

[stable24] Handle one time and large passwords#33407

Merged
PVince81 merged 1 commit intostable24from
backport/stable24/one-time-password
Aug 3, 2022
Merged

[stable24] Handle one time and large passwords#33407
PVince81 merged 1 commit intostable24from
backport/stable24/one-time-password

Conversation

@CarlSchwan
Copy link
Member

@CarlSchwan CarlSchwan commented Jul 29, 2022

This adds an option to disable storing passwords in the database. This
might be desirable when using single-use token as passwords or very
large passwords.

For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exception recommending admin to either enable the previously enabled
configuration or use smaller passwords.

@CarlSchwan
Handle one time and large passwords
f4795f6 
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.

This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
@CarlSchwan CarlSchwan added the 3. to review Waiting for reviews label Jul 29, 2022
@CarlSchwan CarlSchwan added this to the Nextcloud 24.0.4 milestone Jul 29, 2022
@CarlSchwan CarlSchwan requested a review from a team July 29, 2022 14:17
@CarlSchwan CarlSchwan self-assigned this Jul 29, 2022
@CarlSchwan CarlSchwan requested review from blizzz, come-nc and skjnldsv and removed request for a team July 29, 2022 14:17
@CarlSchwan
Copy link
Member Author

CarlSchwan commented Aug 1, 2022

/backport to stable23

@CarlSchwan
Copy link
Member Author

CarlSchwan commented Aug 1, 2022

/backport to stable22

@blizzz blizzz mentioned this pull request Aug 1, 2022
Merged
PVince81
PVince81 approved these changes Aug 3, 2022
View reviewed changes
Copy link
Member

@PVince81 PVince81 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@PVince81 PVince81 merged commit 3a3a52d into stable24 Aug 3, 2022
@PVince81 PVince81 deleted the backport/stable24/one-time-password branch August 3, 2022 07:07
This was referenced Aug 3, 2022
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PVince81 PVince81 PVince81 approved these changes

@blizzz blizzz blizzz approved these changes

@skjnldsv skjnldsv Awaiting requested review from skjnldsv

@come-nc come-nc Awaiting requested review from come-nc

Assignees

@CarlSchwan CarlSchwan

Labels

3. to review Waiting for reviews

Projects

None yet

Milestone

Nextcloud 24.0.4

Development

Successfully merging this pull request may close these issues.

3 participants

@CarlSchwan @PVince81 @blizzz