Skip to content
Permalink
Browse files
Merge pull request #727 from DougReeder/main
Updates & links info on # iterations for authorization
  • Loading branch information
big-r81 committed May 11, 2022
2 parents d5a7a73 + 2b35d4f commit 51bb5b4f60d79923cac6a2eca43f5e3b70adc2d4
Showing 2 changed files with 4 additions and 2 deletions.
@@ -201,7 +201,9 @@ Authentication Configuration

The number of iterations for password hashing by the PBKDF2 algorithm.
A higher number provides better hash durability, but comes at a cost
in performance for each request that requires authentication. ::
in performance for each request that requires authentication.
When using hundreds of thousands of iterations, use session cookies, or the performance hit will be huge.
(The internal hashing algorithm is SHA1, which affects the recommended number of iterations.) ::

[chttpd_auth]
iterations = 10000
@@ -307,7 +307,7 @@ several *mandatory* fields, that CouchDB needs for authentication:
- **salt** (*string*): Hash salt. Used for both ``simple`` and ``pbkdf2``
``password_scheme`` options.
- **iterations** (*integer*): Number of iterations to derive key, used for ``pbkdf2``
``password_scheme``
``password_scheme`` See the :ref:`configuration API <config/chttpd_auth>`:: for details.
- **type** (*string*): Document type. Constantly has the value ``user``

Additionally, you may specify any custom fields that relate to the target

0 comments on commit 51bb5b4

Please sign in to comment.