Versions Compared

Old Version 13

changes.mady.by.user Former user

Saved on

compared with

New Version 14

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Description

The Digizuite™ DAM Center stores user passwords using a FIPS & NIST compliant Password Hashing algorithm by default.
The underlying key derivation function introduces "workfactor" and "pepper" variables.
Out of the box, these variables may be specified in the web.config of the Dmm3BWSV3 service.

...

Note: 
Specifying high Workfactor and / or Pepper does not invalidate general best practices regarding password length and complexity!

Configuration

By default, you can specify password hashing configuration in the Dmm3BWSV3 web.config file.
You do not have to setup this configuration as it would default to the above values. However if you specify this section, the "workfactor" attribute is required, the pepper is not. 
 

This example shows how to setup a system using a workfactor of 80000 and a custom 32 byte pepper (for example readability):

Code Block
languagexml
<configuration>
  <configSections>
    <section name="passwordHashing" type="Digieyez.Digizuite.DigiZuiteLogic.PasswordHandling.Configuration.PasswordHashingSection" />
  </configSections>
  <connectionStrings />
  <passwordHashing workfactor="80000" pepper="hOHdlAaF3xZA4uON5hMuNiBeV5kfudE1w1szOLJ/Mjk=" />
</configuration>

...

languagexml

...

This page describes the actions required to configure the password hashing functionality.

Page Tree
rootPassword Hashing - DAM v4.7.0
startDepth2
searchBoxtrue