Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
DEPRECATED IN V4: please use the new framework for this - see here
Password hashing is a configuration option. In
application.ini there are two options currently available:
resources.auth.oss.pwhash = "bcrypt" resources.auth.oss.hash_cost = 9
resources.auth.oss.pwhash = "plaintext"
When plaintext is selected, there is a message displayed to the user on the password reset page and on the profile page to alert them to this.
Note that using
plaintext passwords is inherently insecure and INEX strongly advises IXP Manager operators not to use this. Plaintext passwords are deprecated and support for this feature will be removed from future releases of IXP Manager.
Why is the option to use plaintext available?
IXP Manager can interface with several third party packages with authentication requirements, including:
- mailing list subscriptions (password to access archives and settings)
- TACACS+ / RADIUS authentication for route collectors / console servers
- staff services such as email, HTTP auth
- helpdesk software
There is no single hashing mechanism which is supported by all these systems. If password hashing is enabled, then IXP Manager cannot fully integrate with these packages.