
Increase password hashing iterations #1149

Merged (9 commits) on Sep 4, 2022

Conversation

LoicPoullain
Member

@LoicPoullain LoicPoullain commented Sep 3, 2022

Issue

The latest OWASP guidelines recommend a work factor of 310,000 iterations for PBKDF2 when the HMAC-SHA256 hashing algorithm is used. The iterations in hashPassword must therefore be increased.

Source: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2

Solution and steps

  • Increase password hashing iterations.
  • Add a new function passwordHashNeedsToBeRefreshed.
  • Add an example on how to use passwordHashNeedsToBeRefreshed in a log in controller.

Checklist

  • Add/update/check docs (code comments and docs/ folder).
  • Add/update/check tests.
  • Update/check the cli generators.

@LoicPoullain LoicPoullain added this to Work In Progress in Issue tracking via automation Sep 3, 2022
@LoicPoullain LoicPoullain mentioned this pull request Sep 3, 2022
@codecov-commenter

codecov-commenter commented Sep 3, 2022

Codecov Report

Merging #1149 (7fcdf3a) into v2-11-0 (71e5a18) will increase coverage by 0.01%.
The diff coverage is 100.00%.

@@             Coverage Diff             @@
##           v2-11-0    #1149      +/-   ##
===========================================
+ Coverage    98.94%   98.96%   +0.01%     
===========================================
  Files           96       99       +3     
  Lines         1712     1731      +19     
  Branches       404      410       +6     
===========================================
+ Hits          1694     1713      +19     
  Misses          18       18              
| Impacted Files | Coverage | Diff coverage | Δ |
|---|---|---|---|
| .../core/src/core/routes/convert-error-to-response.ts | 100.00% | <ø> | (ø) |
| packages/core/src/index.ts | 0.00% | <ø> | (ø) |
| ...es/core/src/common/auth/passwords/hash-password.ts | 100.00% | <100.00%> | (ø) |
| packages/core/src/common/auth/passwords/index.ts | 100.00% | <100.00%> | (ø) |
| ...h/passwords/password-hash-needs-to-be-refreshed.ts | 100.00% | <100.00%> | (ø) |
| .../passwords/utils/decompose-pbkdf2-password-hash.ts | 100.00% | <100.00%> | (ø) |
| ...ages/core/src/common/auth/passwords/utils/index.ts | 100.00% | <100.00%> | (ø) |
| .../core/src/common/auth/passwords/verify-password.ts | 100.00% | <100.00%> | (ø) |


@LoicPoullain LoicPoullain merged commit b75c444 into v2-11-0 Sep 4, 2022
@LoicPoullain LoicPoullain deleted the password-iterations branch September 4, 2022 19:03
Issue tracking automation moved this from Work In Progress to Done / Closed This Release Sep 4, 2022